RLY SMRT
DNS hijacking in various forms has been long known to be perfectly feasible, but actually doing it now means a good solid panic frenzy, more "security researchers" shouting for a DNSsec, resulting in exactly that: a signed root with the USoA sitting on the keys. The USoA government taking a step back in name (only) doesn't change that they still have far too much influence for any other ccTLD owner to feel comfortable about that. So if this is a DNS hijack, then oh the irony to have self-professed Iranians do it to a Chinese site.