The technique is an alternative to sneaking into documents VBA macros that fetch malware from an external source.
Since Microsoft announced it would block the execution of VBA and XL4 macros in Office by default, attackers are finding alternatives.
Source: cyware.com