I recall that subdomains are their own record inside a DNS

Well, not a record, but a zone. A subdomain is its own zone. There are additional DNS records that support a separate zone though.

which would imply that anyone can claim that their server is a non-existent subdomain of the real domain

False. The person wanting control of the subdomain must be delegated control from the parent domain. Owners of the parent domain don’t just hand that out to anyone. The mechanism is called DNS Delegation.