The Trickbot trojan trojan is in resurgence mode, with operators filling out infrastructure globally and releasing an updated version of its vncDll module, researchers said. The latest version of the spy module makes use of virtual network computing (VNC) It essentially sets up a virtual desktop that mirrors the desktop of a victim machine and sets about using it to steal information. Researchers said that this part of the module is under active development, with a frequent update schedule that applies improved functionality.
Source: https://threatpost.com/trickbot-malware-virtual-desktop-espionage/167789/