Old WHOIS domain could have issued countless fraudulent TLS/SSL certificates

Researchers at watchTowr Labs purchased a domain no longer in use by the .mobi WHOIS server for $20. They found that due to out-of-date address information, their server received roughly 2.5 million queries from over 135,000 systems, including government and military domains, universities, and cybersecurity companies. They highlighted the risk that malicious actors could use such opportunities to hijack abandoned infrastructure, issue fraudulent certificates, and cause large-scale damage.