What is s3.amazonaws?
Lately, whenever I click on a download link in Google Chrome, it redirects to another link starting with s3.amazonaws.com, which in turn gets blocked either by Chrome or by my Antivirus (Comodo Internet Security). Copying the same link into Firefox or(*) a download manager downloads the file normally.
I have tried resetting Chrome settings, disconnecting my Google account, removing all extensions, disabling all plugins, and performing a system scan, but the issue persists.
My question is: What exactly is s3.amazonaws.com? Is it malicious, or is Chrome mistrusting it? And how do I fix the issue?
s3.amazonaws.com is an endpoint for a cloud file storage product offered by Amazon Web Services (AWS) and is used by many websites and apps (albeit usually behind the scenes, but you can serve files from it directly too).
Seeing references to that domain is definitely not inherently malicious, however given that you can store just about any file in S3 there's no guarantee that it isn't being used to store some malicious files (among the overwhelmingly legitimate files). AWS credentials are a valuable target for hackers so it's possible the owner of the account has been compromised.
Chrome and Comodo may know that attributes such as the size, checksum, name, etc. of the file match that of known malware which is why they're blocking it (rather than necessarily because it's served from s3.amazonaws.com). I'd recommend reporting it via the AWS abuse form or by emailing abuse@amazonaws.com. If it is malware then they'll most likely remove it and contact the account owner. AWS is usually extremely proactive about security issues.