ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities. Once purchased, the bad actor sells the certificates on the black market for digitally signing malicious files, mainly adware. Digital certificates allow their owners to cryptographically link ownership to a public key for authentication purposes. Exploiting them is a particularly dangerous and also a valuable way for threat actors to elude detection of their nefarious activities and fool users into downloading malware because it appears legitimate to their systems.
Source: https://threatpost.com/threat-actor-buys-digital-certs-spreads-malware/148345/