A group of expert used a Flash Player plug-in to capture forged SSL certificates: Facebook, which terminates connections through a diverse set of network operators across the world. We analyzed 3;447;719 real-world SSL connections and successfully discovered at least 6;845(0:2%) of them were forged certificates. Many organizations issue forge certificates for their operations like Antivirus (e.g. Bitdefender, ESET, BullGuard, Kaspersky Lab), Firewall and Parental Control Software.”]
Source: http://securityaffairs.co/wordpress/24895/hacking/detection-mitm-forged-ssl-certificates.html