Google says rogue digital certificates for several Google domains were issued by an intermediate certificate authority in India. The certificates had been issued by the National Informatics Centre of India, which has multiple CAs authorized by India’s Controller of Certifying Authorities (CCA) Microsoft says it’s unaware of any abuse of its domains via the rogue certificates. Google has blocked the phony certificates in Chrome, and India CCA has revoked three certificates issued to NICCA. The obvious options would be surveillance, nation-state spying, and phishing for financial gain, expert says.”]
Source: https://www.darkreading.com/authentication/fake-google-digital-certificates-found-confiscated