Information about Suckfly, a China-based APT group that uses stolen codesigning certificates
While code-signing certificates can offer more security, they can also live an unintended secret life providing cover for attack groups, such as the Suckfly APT group.
Many security-minded organizations utilize code signing to provide an additional layer of security and authenticity for their software and files. Code signing is carried out using a type of digital certificate known as a code-signing certificate. The process of code signing validates the authenticity of legitimate software by confirming that an application is from the organization who signed it. While code-signing certificates can offer more security, they can also live an unintended secret life providing cover for attack groups, such as the Suckfly APT group.