On Friday afternoon, around 3-4 pm, a large number websites on the .my domain (including this website) were not accessible for users using the Cloudflare DNS, 1.1.1.1 and 1.0.0.1.
The issue also seem to affect some users using the Google DNS as well.
The problem appears to do with DNSSEC (DNS Security Extensions). DNSSEC is is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS) as used on Internet Protocol (IP) networks. It is a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity, but not availability or confidentiality. You can read more about it here.
At the moment, mynic.net.my are providing invalid DNS records, causing a huge number of .my domains inaccessible.
Mynic only acknowledged this issue more than 12-hours later (4.35am on 16 June to be exact) and the issue is still ongoing. I guess the technical teams are on holiday.
We are currently experiencing some Technical Issue related to DNSSEC chain with IANA. We feel sorry for any inconvenience to the customers. We are working hard to resolve this issue as soon as possible. More details will be issued from time to time.
— MYNIC Berhad (@mynicberhad) June 15, 2018
An easy workaround is to use VPN or switch to the local ISP DNS such as from TM, Maxis, Celcom, Digi, U Mobile and Time dotCom. However, this may only be temporary since the problem is with Mynic itself.
Mynic domains are known to be insecure based on what happened repeatedly in the past, so users are advised to be cautious, especially if you are visiting the local banking websites.
P.s: Thank you ServerFreak for the tip.