An HTTPS hijacking click-fraud botnet dubbed Redirector.Paco has infected almost 1 million devices since September 2014. Botnet aims to redirect all traffic performed when using a search engine (i.e. Google, Yahoo or Bing) and to replace the legitimate results with others decided by hackers to earn money from the AdSense program. The attackers also rely on a root certificate so that any connection that goes through the server specified in the PAC file looks private without raising suspicion.”]
Source: http://securityaffairs.co/wordpress/47394/breaking-news/redirector-paco-botnet.html