Brave browser leaks visited Tor .onion addresses in DNS traffic, fix released after bug hunter raises alarm

2021-02-22 07:14

Brave has patched up its privacy-focused web browser after it was spotted leaking its Tor users' dark-web habits.

Onion domains visited by the browser to whatever DNS servers the software was configured to use for non-Tor websites, allowing whoever operates those DNS servers - or anyone who can snoop on the queries in transit - to figure out the kinds of hidden services frequented by an individual user.

"The root cause was a new ad-blocking feature called CNAME ad-blocking which initiated DNS requests that did not go through Tor in order to check if a domain should be blocked," a Brave spokesperson told The Register.

The Reg checked with Kia, and the answer was pretty unequivocal: "We are aware of online speculation that Kia is subject to a ransomware attack," a spokesperson told us.

"Jones Day's network has not been breached. Nor has Jones Day been the subject of a ransomware attack," the legal firm told American Lawyer magazine, meaning that it believes its own corporate network was untouched and that documents were purloined from its file-sharing provider.

A day later the company was hit by ransomware that encrypted files for extortion.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/22/in_brief_security/

#browser #DNS #leak #onion #TOR

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
TOR		1	2	46	3	4	55
Brave		4	2	19	0	0	21