Evasive malware surged 40% in Q2 2025; most of it used encryption, and zero-days dominated detections.
WatchGuard’s Q2 2025 report reveals a 40% surge in evasive malware, with over 70% now using encrypted connections like TLS to bypass detection.
Malware detections rose 15%, driven by sharp increases in Gateway AntiVirus and IntelligentAV alerts.
Zero-day malware made up over 76% of all detections, especially in encrypted traffic.
Ransomware incidents fell 47%, but attacks on high-value targets intensified.
New threats include JavaScript obfuscation in exploit kits, USB-based malware like PUMPBENCH and HIGHREPS, and a resurgence of the Mirai botnet.
DNS threats persist, highlighting the need for updated defenses, patching, and advanced detection tools.