Did you think that just because software is digitally signed with a valid certificate, it must be safe? Think again. Although it's uncommon, F-Secure researchers recently discovered a Trojan that is signed with a code-signing certificate that was stolen from the Malaysian government. Luckily the certificate has expired, but it goes to show that malware authors and distributors are even sneakier than you thought.
Read more here: