Wasabi cloud storage service has been shut down after a malware-hosting domain was suspended - used to store endpoints.
Yesterday, around 2:30 p.m. EST, Wasabi users suddenly saw that they could no longer have access to the storage bins hosted on the wasabisys.com domain.
Wasabi acknowledged the issue in a report it published stating that DNS analyzes caused "degraded performance".
"We are currently investigating reports of issues with some endpoints, such as s3.eu-central-1.wasabisys.com s3.us-west-1.wasabisys.com and s3.wasabisys.com. We research to try to identify the source of the issue. We will update this page as soon as we have more details", The company stated in the report.
According to the status report, the "domain registrar" tried to contact Wasabi about malicious content hosted on the wasabisys.com domain. However, it seems that the domain registrar promoted it by mistake e-mail, so Wasabi does not was notified never.
This accident led the registrar to suspend it mode domain and put the service offline, as almost all storage bins use the wasabisys.com domain.
After being informed about it, Wasabi suspended the client that hosts the malicious content and asked the registrar to activate domain again. The domain reset took thirteen hours to complete, and was finally restored today, at 12:57 p.m. EST.
Hackers are known to abuse legitimate cloud hosting services to host malware, and Wasabi is no exception. It is unknown how malicious content triggered the domain suspension.
Source of information: bleepingcomputer.com