Threat actors are increasingly adopting Excel 4.0 documents as an initial stage vector to distribute malware. The findings come from an analysis of 160,000 Excel documents between November 2020 and March 2021. Microsoft warns in its support document that enabling all macros can cause “potentially dangerous code” to run. The ever-evolving Quakbot (aka QBOT), since its discovery in 2007, has remained a notorious banking trojan capable of stealing banking credentials and other financial information, while also gaining worm-like propagation features.
Source: https://thehackernews.com/2021/04/cybercriminals-widely-abusing-excel-40.html