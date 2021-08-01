



Much of what we do on the Internet today is either searching for relevant information, researching product prices, or even searching for new programs such as browsers, and it’s not news for everyone to start with a Google search. However, this trust in search engines can lead to some headaches in certain cases. After all, there may be flaws in page indexing and curation of displayed ads. This is supported by the case in question here. Brave Browser is involved in the latest scams that endanger Internet security.

According to information released by the people of Ars Technica, a very cleverly crafted scam was recently discovered on Google. This is a combination of ID spoofing on the Brave browser site and the purchase of ads served at the top of the relevant search page. Starting with what you see in search engines, you can observe that your ad points to a domain other than the one officially used by the Brave website (brave.com). They quote a professional clothing trading website called mckelveytees.com, which was probably also the victim of the scam. When clicked, the user was directed to an intermediate domain until they visited a fake site.

Brave browser fake websites can easily trick inadvertent users

The big problem when talking about fake sites is that they can easily be fooled even by the most careful users. This shows the scammer’s attention to make the scam more viable on the first check. For this, use a string that masks the original URL. Instead, you’ll see a domain similar to Brave, but with an accent on the letter E. However, this is only to get the attention of a particular user.

Of course, you may also be wondering about security certification. The answer is yes. The site also has a valid TLS certificate. This shows the traditional locking of HTTPS access.

As a result, anyone who clicks on the displayed download button is guaranteed access to the installation files. It contains malware called ArcheClient and SectopRat embedded in the 303MB ISO in the executable. Fortunately, the case in question has already been officially withdrawn by Google after being signaled by Brave and NameCheap. It also included the discontinuity of the malicious domain used to apply the fraud.

This case is the latest example to be aware of when navigating the web. Scammers and hackers are trying to improve the way they access user data, steal information and profit from it.

