Threat actors using Abused Code-signing certificate from reputable companies as a layer of obfuscation in distributing malicious payloads. Abused Codesigning certificates would provide integrity for an application and there are different classes of Codesigning certificates standard and Extended Validation.

Read full news article on GBHackers