Which term best describes the theft of a domain configuration without expiration?

The term that best describes the theft of a domain configuration without expiration is domain hijacking. Domain hijacking occurs when an unauthorized party gains control of a domain name without the consent of the original owner, often through exploiting vulnerabilities in the domain registration process or credential theft. This situation typically involves taking over a domain that is still active and has not yet expired, allowing the hijacker to change ownership details, redirect traffic, or misuse the domain name.

Domain theft and domain squatting refer to related concepts but do not specifically capture the nature of unauthorized configuration changes absent the domain expiring. Domain theft might imply the illegal acquisition of a domain but doesn't encapsulate the tactics used in unauthorized control, while domain squatting refers to registering domain names that are similar to established brands or trademarks with the intention to profit from them, rather than taking over an existing configuration. Domain spoofing is a practice where deceit is used to mimic legitimate domains, misleading users, but it does not involve taking control of domain registrations.

Thus, domain hijacking accurately encompasses the unauthorized takeover of a domain's configuration while it is still active and operational.