Malware authors have for some time been using code-signing certificates for their malicious payloads so they can sneak past enterprise anti-malware tools. But contrary to popular belief, not all of the certificates that are being used to distribute malware are stolen from their legitimate owners.
Read full news article on Dark Reading