That's wild man. I'm curious how hard it is to get a particular IP. I'm thinking, it wouldn't change much with or without DNS is they're getting their hands on the same IP addresses as shuttered nodes.

It is a huge security flaw that records just sit there unless they're updated, and it is a bit sophisticated for an actor to leverage that fact for such an attack.

I don't think nostr and Monero rely explicitly on DNS, you can use them inside the Tor network as an example, but that DNS lookup of IP addresses is just a "user friendly" feature baked into clients and relays for nostr and Monero wallet apps for remote node connections.