Brave browser leaks onion addresses in DNS traffic

 The Tor mode included with the Brave web browser allows users to access .onion dark web domains inside Brave private browsing windows without having to install Tor as a separate software package.

Added in June 2018, Brave's Tor mode has allowed throughout the years access to increased privacy to Brave users when navigating the web, allowing them to access the .onion versions of legitimate websites like Facebook, Wikipedia, and major news portals.

But in research posted online this week, an anonymous security researcher claimed they found that Brave's Tor mode was sending queries for .onion domains to public internet DNS resolvers rather than Tor nodes.

While the researcher's findings were initially disputed, several prominent security researchers have, in the meantime, reproduced his findings, including James Kettle, Director of Research at PortSwigger Web Security, and Will Dormann, a vulnerability analyst for the CERT/CC team.