Macros are not malicious by nature, being added to automate various operations in the Office suite.
Macro malware, as this threat is sometimes called, relies on macro scripts attached to Office files that execute when the document is opened, if there’s no security restriction. These scripts carry out various operations, in the context of the Office application it runs from.