Learning how TrickBot works is the first step to knowing how organizations and consumers can protect themselves from it. Here are some other things to pay attention to:
- Look for possible Indicators of Compromise (IOC) by running tools specifically designed to do this, such as the Farbar Recovery Scan Tool (FRST). Doing this will identify infected machines within the network.
- Once machines are identified, isolate infected machines from the network.
- Download and apply patches that addresses the vulnerabilities that TrickBot exploits.
- Disable administrative shares.
- Change all local and domain administrator passwords.
- Protect yourself from a TrickBot infection using a cybersecurity program that has multi-layered protection. Malwarebytes business and premium consumer products detect and block TrickBot in real-time.
