TrickBot banking trojan is a relatively new threat that appeared on the malware scene in September 2016. Many researchers have called it the unofficial successor of the Dyre bank trojan, which ceased its activity in the winter of 2015-2016 after Russian authorities raided the headquarters of a Russian company. Campaigns spreading TrickBot intensified with time, as the malware coders added support for more fake login screens, used to steal credentials for users across more and more countries. New TrickBot configurations target the CRM (CRM) applications of two high-profile SaaS providers.
Source: https://www.bleepingcomputer.com/news/security/trickbot-activity-ramps-up-now-targeting-crms-and-paypal-users/