Use multiple DNS infrastructures
A technique used by the adversary similar to Dynamic DNS with the exception that the use of multiple DNS infrastructures likely have whois records. 
Tactic: Establish & Maintain Infrastructure
DetectionDetectable by Common Defenses (Yes/No/Partial): Partial
Explanation: This is by design captured in public registration logs. Various tools and services exist to track/query/monitor domain name registration information. However, tracking multiple DNS infrastructures will likely require multiple tools/services or more advanced analytics.
Difficulty for the AdversaryEasy for the Adversary (Yes/No): Yes
Explanation: Requires more planning, but feasible.
- Brian Krebs. (2015, May 18). St. Louis Federal Reserve Suffers DNS Breach. Retrieved March 6, 2017.