DNSmessenger Malware uses DNS TXT records and PowerShell to create a backdoor for Command & Control communication
DNS was already being used for data exfiltration, but now also as a way for malware to talk to C2 servers to obtain PowerScript instructions.
This allows the attacker to use DNS communications to submit new commands to be run on infected machines and return the results of the command execution to the attacker, in a way that evades many security mechanisms and go undetected.
The infection is spread through a Word document pretending to be protected by McAfee, and asking you to Enable Content (allow macros) to be viewed.
Technical details are found here:
▻http://blog.talosintelligence.com/2017/03/dnsmessenger.html