Stuxnet is widely believed to be a joint project between the US and Israel. It infiltrated Iran's Natanz nuclear facility in the mid-2000's by first infecting the systems of five of its key suppliers. According to Wired, though, a lot of researchers believe that Israel's the sole country behind both Duqu 1.0 and 2.0. As for why the hackers needed a digital certificate, Wired says it's to disguise a malicious driver, so they can install it on Kaspersky's server. See, Duqu 2.0 itself disappears every time a computer shuts down -- a driver can reinstall it when the system restarts. They also used the driver to funnel data as they stole it, making the malware harder to detect.

Kaspersky's Global Research and Analysis Team director Costin Raiu believes the attackers used a Foxconn certificate, which is apparently extremely rare, to ensure success. However, its rarity gave it away: its presence in the security firm's network set off alarm bells when one of the engineers discovered the breach. He specifically investigated suspicious digital certificates, knowing that Stuxnet and Duqu 1.0 used them in the past.