Creation of malicious subdomains under dynamic DNS providers

Before attacking a victim, adversaries purchase or create domains from an entity other than a registrar or registry that provides subdomains under domains they own and control. See also https://en.wikipedia.org/wiki/Dynamic_DNS