Because they just switched domains (getdropbox.com to dropbox.com), they haven't built up a positive reputation on their new domain yet. As a result, only a handful of instances of malware being served by a user can get the domain blocked.
I wonder how effective this sort of attack would be against Dropbox in the future.
Valid point and it crossed my mind too, however Google's systems are aware of domain shifts (I assume the Dropbox folks filed a domain change) and it should know about its 'transferred' positive rap.
If the block is solely based on malware distribution then Facebook would have suffered the same fait ages ago.
Amisdst all the data Google stores it should be clear that Dropbox isn't a random site freely dropping malware around the web.
If it can't figure it out then a good old fashioned human should.
I'm pretty sure this is the issue. Google wouldn't know to treat Dropbox "special" just because they switched domains. "dropbox.com" hasn't been around long enough in its current incarnation for it to be "clear that [it] isn't a random site freely dropping malware around the web."
Obviously it is for this purpose, but the fact that it exists doesn't mean it was used properly in this case or that their change notice was updated in a timely fashion.
though couldn't any of the file storage places have the same issue (mosso, s3, etc)?
They aren't free and anonymous, are they? The free and anonymous part tends to be important to malware distributors. Exploiting existing servers is one way, but free sites are also used quite heavily.
I wonder how effective this sort of attack would be against Dropbox in the future.