Contact ICANN/IANA and plead with them to stop assigning any more resources
to said ISP.
ICANN/IANA doesn't assign resources to ISPs.
Indirectly they're responsible for assignment of IP address,
In the sense that they allocate /8s (and, in IPv6, /12s) to the RIRs, sure. I'm just guessing but I don't think the RIRs would be very happy if ICANN/IANA were to refuse to allocate a /8 (or a /12) to an RIR because one of the RIRs' customers was hijacking NXDOMAINs.
Actually, ICANN/IANA assigns these directly (see http://pen.iana.org), but I suspect the folks in the IETF would get a bit distressed if ICANN/IANA started imposing restrictions on who could get PENs.
ICANN/IANA is directly responsible for (and has contractual relationships with folks who operate) gTLDs and has, to the distress of some folks on this list, imposed restrictions on wildcards/synthesis/etc. ICANN/IANA discourages wildcards/synthesis/etc for ccTLDs, but the operation of a ccTLD is considered a national sovereignty issue and thus, ICANN/IANA has no way to do anything other than point out the problems wildcards/synthesis/etc. can lead to. As I write this, there are 11 ccTLDs that do wildcards/synthesis/etc. and there will undoubtedly be more in the future. ICANN/IANA has no interaction with, much less control, over ISPs.
My point was there isn't really an authority to enforce rules on ISPs when
it comes to how they manage their DNS servers.
Government and IANA won't be interested in fielding such complaints.
Government might -- politicians like to be seen solving problems, even if they haven't the slightest idea what the problem is, whether it actually is a problem, or how to go about fixing it.
With the exception of the gTLDs, ICANN/IANA simply can't -- it has no mechanism to do anything other than wag its finger.
Shining a flash light on the problem publicly is going to be the best best.
There are folks on this list who work for ISPs which are doing wildcards/synthesis/etc. They (or, more likely their management) can tell you there are obvious business reasons why they do wildcards/synthesis/etc. Perhaps I'm overly cynical, but I suspect that until those business reasons go away, shining a flash light will probably just result in more ISPs implementing wildcards/synthesis/etc.