Malware Protection Center (MMPC) issued an alert about a surge in the infections of malware using macros to spread their malicious code. Malware specialists at Trend Micro noticed the VAWTRAK agent for the first time in June 2014, when it was abusing a Windows feature called Software Restriction Policies (SRP) to prevent victims systems from running a wide range of security programs. The agent is able to steal information from different sources, including email credentials from mail services like Microsoft Outlook and Windows Mail.”]
Source: http://securityaffairs.co/wordpress/34107/cyber-crime/vawtrak-uses-macros-windows-powershell.html