“Our initial investigations found that the redirections were done through unauthorised modifications at the DNS level. Our team is taking all necessary measures to monitor the situation and prevent further issues,” said Hasnul Fadhly Hasan, chief executive officer of MyNIC.
“We can assure customer’s data is not affected by today’s incident.”
The company said it is closely collaborating with Malaysian Communications and Multimedia Commission (MCMC) in resolving the incident.Some Internet users may still see the affected page for 24 hours due as DNS propagation takes time.
“As part of our ongoing efforts to safeguard domain names and improve the security, we have introduced a second layer of identity verification called Two Factor Authentication (2FA). This will ensure only the right authorised person is receiving the access code and able to change the domain name records,” said Hasnul.
“Moving forward, we’re also looking to further enhance other layer of DNS validation to ensure end-to-end protection."