The classic method of stealing an “orphan” domain was apparently used in the case of SOO.com.
What is an orphan domain: It’s a domain that is managed by an email address that is obsolete, particularly belonging to another domain that expired and dropped. Domain criminals hijack the targeted, premium domain, by gaining control of the other domain and recreating related emails and MX records. Then, they attempt to social-engineer domain registrars to recent account credentials, and to initiate a transfer to another account or registrar.
In the case of SOO.com, a domain registered in 1995, the managing account was operated by Mr. Gregory Soo, with an email address of gregory@makaera.com.
The domain Makaera.com dropped on 11/10/2021 at Network Solutions and was promptly snapped by someone who appears to be a domain investor. Makaera.com was moved under privacy, still at Swordfish Domains LLC, a Network Solutions registrar used in domain drop-catching. Current WHOIS info is hidden by privacy with a Dutch locale.
Meanwhile, on December 12, 2021, SOO.com was moved from Gregory Soo’s account at Network Solutions, to Namecheap. The domain was then added at GoDaddy auctions and on DAN.com, and someone using the alias Gregory1 attempted to sell it on NamePros.
According to a thread at NamePros, whoever is in the possession of the domain is impersonating Mr. Gregory Soo in order to quickly sell the domain. Be aware that SOO.com is a stolen domain name and anyone offering, selling, or brokering SOO.com is not authorized by the domain’s legitimate owner.