Trend Micro antivirus zero-day used in Mitsubishi Electric hack
Chinese hackers have used a zero-day in the Trend Micro OfficeScan antivirus during their attacks on Mitsubishi Electric, ZDNet has learned from sources close to the investigation.
Trend Micro has now patched the vulnerability, but the company did not comment if the zero-day was used in other attacks beyond Mitsubishi Electric. News of the Mitsubishi Electric hack became public on Monday, this week. In a press release published on its website, the Japanese electronics vendor and defense contractor said it was hacked last year.
The company said it detected an intrusion on its network on June 28, 2019. Following a months-long investigation, Mitsubishi said it discovered that hackers gained access to its internal network from where they stole roughly 200 MB of files. While initially the company didn't reveal the content of these documents, in an updated press release, the company said the files contained primarily information on employees, and not data related to its business dealings and partners.