Tor Mode On Brave Browser Exposed Onion Addresses In DNS Traffic

In addition to an ordinary private (incognito) window, the Brave browser offers a Private Window with Tor, which routes that window's traffic through the Tor anonymity network directly from Brave. Brave advertises this mode as offering “real privacy”.

However, an anonymous security researcher published findings showing that Brave running in Tor mode leaves traces in the query logs of the user's regular DNS resolver. DNS lookups for sites visited in the Tor window were not tunnelled through Tor but sent in the clear to the system's configured DNS server (commonly the ISP's), so anyone who can read that resolver's logs or watch its traffic can see which hosts the supposedly anonymous window was visiting.

Besides ordinary websites opened through Tor, this also affects onion services, i.e., sites and services hosted inside the Tor network under .onion addresses, which are meant to offer significantly stronger anonymity. A .onion name is only resolvable inside Tor and should never appear in a clearnet resolver's log at all, which is what makes this leak so easy to spot.
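
Added example, not from the original article: a small Python scan that pulls .onion queries out of a resolver's query log, which is exactly the trace described above. The log lines are constructed in BIND9 query-log style (not real traffic), the client addresses come from the RFC 5737 documentation ranges, and the 56-character .onion label is made up; the regular expression and function names are mine.

```python
"""Spot .onion lookups in an ordinary resolver's query log.

Added example, not from the original article. The .onion suffix is a
special-use TLD (RFC 7686) that only makes sense inside Tor, so a .onion
query reaching a clearnet resolver means some client is leaking Tor-bound
hostnames.
"""
import re
from collections import Counter
from typing import Dict, List

# Constructed sample lines in BIND9 query-log style (not real traffic): RFC 5737
# documentation addresses and a made-up 56-character v3-style .onion label.
SAMPLE_LOG = """\
12-Feb-2021 10:01:12.001 queries: info: client @0x7f3ab4c0 192.0.2.10#51234 (example.com): query: example.com IN A +E(0)K (198.51.100.1)
12-Feb-2021 10:01:13.410 queries: info: client @0x7f3ab4c0 192.0.2.10#51235 (abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrstuvwx.onion): query: abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrstuvwx.onion IN A +E(0)K (198.51.100.1)
12-Feb-2021 10:01:13.412 queries: info: client @0x7f3ab4c0 192.0.2.10#51236 (abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrstuvwx.onion): query: ABCDEFGHIJKLMNOPQRSTUVWXYZ234567abcdefghijklmnopqrstuvwx.ONION. IN AAAA +E(0)K (198.51.100.1)
12-Feb-2021 10:01:15.900 queries: info: client @0x7f3ab4c0 192.0.2.11#40022 (onion.example.net): query: onion.example.net IN A +E(0)K (198.51.100.1)
12-Feb-2021 10:01:16.020 queries: info: client @0x7f3ab4c0 192.0.2.11#40023 (brave.com): query: brave.com IN A +E(0)K (198.51.100.1)
"""

# One BIND9 query line: client address, the queried name and the record type.
QUERY_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<client>[0-9a-fA-F.:]+)#\d+ "
    r"\([^)]*\): query: (?P<qname>\S+) IN (?P<qtype>\S+)"
)


def is_onion_name(qname: str) -> bool:
    """True only when the last label is 'onion', so 'onion.example.net' is not flagged."""
    labels = qname.rstrip(".").lower().split(".")
    return labels[-1] == "onion"


def find_onion_leaks(log_text: str) -> List[Dict[str, str]]:
    """Return one record per .onion query found in the log text."""
    leaks = []
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m is None:
            continue  # not a query line, or a format this parser does not understand
        if is_onion_name(m["qname"]):
            leaks.append({
                "client": m["client"],
                "qname": m["qname"].rstrip(".").lower(),  # normalise case and trailing dot
                "qtype": m["qtype"],
            })
    return leaks


def leaking_clients(log_text: str) -> Counter:
    """Count .onion queries per client address: these are the hosts to investigate."""
    return Counter(leak["client"] for leak in find_onion_leaks(log_text))


if __name__ == "__main__":
    for leak in find_onion_leaks(SAMPLE_LOG):
        print(f"{leak['client']} asked clearnet DNS for {leak['qname']} ({leak['qtype']})")
    print("per-client counts:", dict(leaking_clients(SAMPLE_LOG)))
```

On the constructed sample, the two .onion lookups from 192.0.2.10 are flagged while the look-alike `onion.example.net` is not; on a real resolver the per-client counts point straight at the machines whose Tor windows are leaking.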

The problem was first reported on Reddit, and at first many doubted the correctness of the researcher's conclusions. The bug was soon confirmed, however, by well-known security specialists including PortSwigger Web Security's head of research James Kettle and CERT/CC analyst Will Dormann.

According to Brave, the source of the bug turned out to be the ad blocker built into Brave, which uses DNS lookups to unmask trackers that hide behind first-party-looking hostnames (so-called CNAME cloaking). Those lookups went to the system's normal resolver rather than through Tor, and the developers had not excluded .onion domains from the checks, so the very names that should never leave the Tor network were sent to a clearnet DNS server.
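
The mechanism in the paragraph above, modelled as an added Python example that is not Brave's code: a simplified CNAME-uncloaking check whose pre-fix version hands every hostname, .onion names included, to the system resolver even from a Tor window, beside a guarded version that refuses to do so. The blocklist, CNAME table, resolver stub and the exact shape of the guard are my assumptions for illustration, not Brave's patch.

```python
"""Model of an ad blocker's CNAME-uncloaking check, before and after a guard.

Added example, not Brave's own code. It models only the decision at the heart
of the bug: which hostnames a Tor window may hand to the system (clearnet)
resolver. The blocklist, CNAME table and resolver below are constructed
stand-ins, and the guard is an assumed fix, not Brave's actual patch.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional

# Constructed CNAME answers standing in for the system resolver. The first entry
# models CNAME cloaking: a first-party-looking subdomain that aliases a tracker.
FAKE_CNAMES = {
    "metrics.example.com": "example.trackingvendor.net",
    "www.example.com": None,
}

# Constructed blocklist: these domains (and their subdomains) count as trackers.
TRACKER_DOMAINS = {"trackingvendor.net"}

# Special-use TLDs that must never be sent to a clearnet resolver (.onion, RFC 7686).
SPECIAL_USE_TLDS = {"onion"}


@dataclass
class SystemResolver:
    """Stub for the OS resolver; `queries` is what the resolver's log would show."""
    queries: List[str] = field(default_factory=list)

    def cname(self, host: str) -> Optional[str]:
        self.queries.append(host)  # every call here is a clearnet DNS query
        return FAKE_CNAMES.get(host)


def in_blocklist(host: str) -> bool:
    """True if the host or any parent domain is on the tracker list."""
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in TRACKER_DOMAINS for i in range(len(labels)))


def is_special_use(host: str) -> bool:
    return host.lower().rstrip(".").split(".")[-1] in SPECIAL_USE_TLDS


def should_block_vulnerable(host: str, tor_window: bool, resolver: SystemResolver) -> bool:
    """Pre-fix logic: the CNAME lookup goes to the system resolver regardless of
    window type, so every host visited in a Tor window, .onion names included,
    shows up in the clearnet resolver's log (tor_window is ignored: that is the bug)."""
    if in_blocklist(host):
        return True
    target = resolver.cname(host)
    return target is not None and in_blocklist(target)


def should_block_hardened(host: str, tor_window: bool, resolver: SystemResolver) -> bool:
    """Guarded logic (assumed shape of a fix, not Brave's patch): skip the clearnet
    lookup entirely in Tor windows, and never look up special-use names through
    the system resolver in any window."""
    if in_blocklist(host):
        return True
    if tor_window or is_special_use(host):
        return False  # give up on uncloaking rather than leak the name
    target = resolver.cname(host)
    return target is not None and in_blocklist(target)


Checker = Callable[[str, bool, SystemResolver], bool]


def leaked_names(check: Checker, hosts: List[str], tor_window: bool) -> List[str]:
    """Run `check` over `hosts` and return what the system resolver was asked about."""
    resolver = SystemResolver()
    for host in hosts:
        check(host, tor_window, resolver)
    return resolver.queries


if __name__ == "__main__":
    visited = ["abcdefghijklmnopqrstuvwxyz234567abcdefghijklmnopqrstuvwx.onion", "www.example.com"]
    print("vulnerable, Tor window ->", leaked_names(should_block_vulnerable, visited, True))
    print("hardened,   Tor window ->", leaked_names(should_block_hardened, visited, True))
```

The hardened check trades a little blocking coverage in Tor windows for not touching the system resolver at all; outside Tor windows it still uncloaks `metrics.example.com` to its tracker CNAME, but a .onion name is refused in every window type.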

A patch was added to the Brave Nightly build two weeks ago, after the bug report was received. The fix is promised to reach the stable version with the next browser update.

Tor mode was integrated into Brave back in 2018 and lets users visit onion sites. Requests from the Tor window are proxied through Tor nodes, which fetch the onion resource on the user's behalf and return the received content to the browser.

Bhasker Das

Bhasker Das, with a master's in cybersecurity, is a seasoned editor focusing on online security, privacy, and protection. When not decrypting the complexities of the cyber world, he indulges in his passion for chess, seeing parallels in strategy and foresight.
