The Cybercrime Economics of Malicious Macros

From malware developers to threat actors, cybercriminals are profit-driven businesses that focus their resources on techniques and tools that deliver the greatest return on investment. Most recently, deceptively simple and flexible malicious macros are making a comeback as they combine lower up-front and maintenance costs with higher effectiveness to create a 'killer app'. The macros initially spread variations of the Dridex banking Trojan and have, over time, been expanding on their features and capabilities in order to stay ahead of adapting defenses.