Code-signed apps are harder to detect by network security appliances, making it easier to sneak malware onto a vulnerable system. The downside? Certificates aren’t cheap — and hackers usually are.
Source: Hackers are selling legitimate code-signing certificates to evade malware detection | ZDNet