This is a surprisingly common issue. In my day-to-day work, we analyze millions to look for malware, and it’s well-known in the security community that attackers frequently leverage “trusted” websites to host and deliver malware as an evasion tactic.
The technique is so pervasive that I did an extensive research on it. In fact, there are several well-funded and widely used applications, some generating millions in revenue, that unknowingly host malware on their infrastructure. In more concerning cases, these platforms are even repurposed as command-and-control servers for data exfiltration. We're increasingly seeing enterprises take the proactive step of blocking traffic to these high-risk domains entirely to strengthen their security posture (e.g. it's completely common to block all traffic from network to Dropbox or other file hosting services).
The technique is so pervasive that I did an extensive research on it. In fact, there are several well-funded and widely used applications, some generating millions in revenue, that unknowingly host malware on their infrastructure. In more concerning cases, these platforms are even repurposed as command-and-control servers for data exfiltration. We're increasingly seeing enterprises take the proactive step of blocking traffic to these high-risk domains entirely to strengthen their security posture (e.g. it's completely common to block all traffic from network to Dropbox or other file hosting services).