Brave Nightly releases and discussion

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
snafu for discussion: running 1.9.76 which appears to be the latest stable (non-nightly) version. Just experienced something potentially very concerning. When I logged into MT tonight, I copied my username from keepass 2.45 and my password also immediately autofilled and took me to the 2fa login page. but STOP, HOW was the pw loaded? I have no (ie zero) saved pw in Brave all that is disabled in settings. It just occurred to me, could this be a keepass snafu?? Been using keepass for long time, never failed me, very manual. I have to do something to copy and paste a username or password. (my security universe is crumbling down around me... o_O)

EDIT update: I logged in to MT this afternoon with keepass, and all normal, ie, no autofill of pw. maybe I had a fat finger on keyboard using keepass last night...
not worried. :whistle:
 
Last edited:

PotentialUser

Level 1
May 28, 2020
35
Hey @oldschool (and fellow peers). I ran into some Reddit threads saying Brave randomly connects to crypto websites even with Crypto Wallets and Brave Rewards turned OFF. I don't use either of those features and just need a relatively secure browser that won't implement Google's Manifest 3 (the update that will kill ad-blockers). However, I am concerned to see threads like these (extremely recent posts) saying Brave connects to these servers out of the blue.

- URL:
- URL:
- URL:
- URL: Brave browser connects to min-api.cryptocompare.com

Do you have any idea how to stop this behavior? One of Brave's mods/devs said in one of the Reddit threads this behavior shouldn't be happening (even though it obviously is) when Crypto Wallets and Brave Rewards are turned off. He then recommended also turning off the setting "Load Crypto Wallets on startup" in the Extensions portion of Brave's settings.

What has your experience been with this? Do you know how to stop this kind of behavior from occurring? I really enjoy using Brave but this is definitely bugging me to say the least. Thank you in advance!
 
  • Like
Reactions: Protomartyr

PotentialUser

Level 1
May 28, 2020
35
@oldschool I'm not into conspiracy theories either, nor do I mistrust Brave. I just don't want Brave to make connections to features that I'm not using that may be a potential security risk in the future. Not on Brave's end but on CryptoCompare's end.

For example, PageFair is a service used by many websites to block ad-blockers. But PageFair itself was hacked and served malware to users of websites that are clients of PageFair. That was unfortunate because those website didn't have anything to do with it. They just enabled PageFair to save some ad revenue and it cost them their own reputation as their visitors were re-directed to malicious content.

I just don't want to be in a situation where CryptoCompare is hacked and downloads something malicious without Brave's dev team knowing about it. Especially because I don't even use their Crypto Wallets feature anyway.
 

oldschool

Level 81
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,044

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
  • Like
Reactions: Protomartyr

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top