Hackers, months ago, revived macros as an attack vector to primarily hide banking malware spread by spam campaigns.
Not be left out, some targeted attacks kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targeted campaign, researchers at Cisco said, was using AutoIt to drop malware on compromised machines. AutoIt is freeware that allows Windows administrators to write scripts that automate tasks.
Read more: https://kas.pr/Yjy4