Initially a banking trojan, Trickbot evolved to become a popular form of malware among threat actors, predominantly because it was easily modified making it ideal for multiple types of attacks. To avoid becoming a victim of an attack like Trickbot, organizations should use the latest supported versions of operating systems and software, and apply security patches promptly. Employ best practices for use of RDP and other remote desktop services by protecting them behind a strong VPN with Multi-Factor Authentication (MFA) and auditing any unusual login events from IP addresses or devices that are different from what the employee account normally uses. Provide social engineering and phishing training to employees. Urge them not to open suspicious emails, not to click on links or open attachments contained in such emails, and to be cautious before visiting unknown websites. It is important to have a Security Operations Center or a managed security monitoring service with expert security analysts on duty, such as the Binary Defense Security Operations Task Force. The Task Force provides a 24/7 monitoring solution of SIEM and endpoint detection systems to detect and defend from intrusions on an organization’s network.

https://www.zdnet.com/article/us-justice-department-accuses-latvian-national-of-creating-and-deploying-trickbot-malware/?&web_view=true

https://www.justice.gov/opa/press-release/file/1401766/download