The new mobile Zeus variant that is targeting Symbian and BlackBerry devices is following suit, using a stolen digital certificate to help cloak itself from security systems. Stuxnet was using two stolen digital certificates: one from RealTek and one from JMicron, two Taiwanese technology companies. It’s a serious problem that s made all the more troublesome by the fact that many antimalware products and other security applications will whitelist binaries and files that are digitally signed. Mobile phone software has followed the lead of desktop software in trusting signed binaries, and the problem is even more pronounced on mobile platforms.
Source: https://threatpost.com/stolen-digital-certificates-becoming-standard-malware-components-093010/74534/