Locky, a new strain of ransomware, appears to be borrowing a trick from Dridex: Using embedded macros to execute malware that goes on to encrypt users’ files.
Source: Threadpost