Hackers exploit the Microsoft Build Engine because it can execute code and build applications.  This engine provides an easy means for them to send harmful payloads using legitimate software development tools.  Moreover, inside corporate environments, Build Engine’s trusted nature enables it to bypass particular security controls, making it a perfect target for cyber attacks. Cybersecurity researchers at Cyble recently identified that Turla hackers have been actively leveraging the Microsoft build engine to deliver malware stealthily.

Source: GBHackers