Sorry for my bad English, I’m French. I explain my problem because I am worried.
I have domain names for which I put the Cloudflare DNS in my registrar but I did not add them to my Cloudflare account (error on my part).
I could see that these domain names were taken over by a hacker, who posted his pages (porn sites, illegal download, etc.). I guess it was enough to add my domains to his Cloudflare account to put the DNS of his own server.
So far I understand what could have happened, and it was my fault I had to do things in order.
But what worries me the most: it was enough for me to add these domains to my Cloudflare account to regain control. I added the domain, Cloudflare scanned the existing DNS, I deleted the IP address of the hacker’s server and the rest of its configuration, I put the IP address of my server instead and everything is income in order.
How could I add a domain to my Cloudflare account when it was already in the hacker’s Cloudflare account? That would mean that we can recover and then control any site under Cloudflare in this way?
I have an assumption: maybe the hacker’s Cloudflare account was identified as unlawful and closed, which allowed me to add my domains since they were no longer in his account. But in this case, why was the DNS pointing to his server kept?
I hope it’s understandable, thank you very much for your answers!