Dark-Web Browsing History of Users Exposed

The Brave browser fixed a bug in its browser. It has sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes. The consequence was the exposure of users‘ visits to dark web websites.

The browser has a built-in feature called „Private Window with Tor“ that integrates the Tor anonymity network into it. This allows users to access .onion websites, which are hosted on the darknet. The bug in the Tor mode of the browser made it possible to leak all the .onion addresses visited by a user to public DNS resolvers.