In the age of pervasive computing, traditionally centralized cloud storage (CCS) services may not fit in well due to their centralized architecture, limited worldwide availability, high expense, and security and privacy concerns. To address these issues, decentralized cloud storage (DCS) services emerged recently. However, previous works focus on analyzing the technical design of DCS services, e.g., their incentive mechanisms. Little is known regarding how well these DCS services work in real- world operations. In this paper, we fill this gap by providing the first empirical measurement of Storj, one of the most extensive in-operation decentralized cloud storage services, focusing on its ecosystem, performance, and security implications. Our study is made possible through multiple measurement techniques to automatically capture storage nodes, profile Storj’s quality of service, understand co-located network threats, and evaluate potential attacks in a simulated environment. Leveraging these techniques, a set of insightful findings have been distilled. Particularly, we have observed over 32K storage nodes as well as 155K unique node IP addresses, which are widely distributed in 122 countries, 2,418 ASNs, and 205 /8 IPv4 prefixes. Regarding performance, storage customers located in Europe or the United States tend to enjoy a better storage performance than those in Asia-Pacific, likely due to the imbalanced distribution of storage nodes in different regions. Lastly, what is concerning is that 4.48% of IPs of storage nodes were found to have been associated with various malicious activities, especially botnets and cryptomining. Another vulnerability is that a malicious storage node could exploit multiple channels to boost its storage reputation while demoting that of benign nodes.