Zyklon is an advanced botnet malware that allows attackers to remotely steal keylogs, passwords and data. Malware has resurfaced after almost two years and primarily found targeting telecommunications, insurance and financial services. The fully-featured malware is capable of executing additional plugins, including secretly using infected systems for DDoS attacks and cryptocurrency mining. Attackers are exploiting three vulnerabilities in Microsoft Office that execute a. PowerShell script on the targeted computers to download the final payload from its C&C server.
Source: https://thehackernews.com/2018/01/microsoft-office-malware.html