That only worked because the attacker didn't understand dnssec. If they had unsigned the domain first and then hijacked it they would have succeeded.

I haven't been able to find any cases of genuine dns hijack attacks in the last few years. Would love to know if anyone else can?

Only about 40% of the crypto companies seem to use dnssec. Seems like a target rich environment.