Brave wanted me to reinstall to update? Did I just download malware?

Description of the issue:

System: MacOS Ventura 13.7, up-to-date, Intel chip

Brave showed that it needed an update (the hamburger menu was red) and when I clicked on it, it said it couldn’t do the update with a refresh as usual, but would need to download and reinstall. It pointed me to the brave download page - just to be safe, since I’d never seen brave do this for me before, I googled brave’s download page in a new tab in brave and it sent me to the same page, which looked official, I remember the download button being red, url was I downloaded it, it had me use an installer.

In the finder info I could see that Brave was listed as version, was created May 17, and modified May 25.

All tabs were broken - nothing showed in the tab itself, but a frowny face popped up in place of the tab icon. This goes for external webpages as well as things like navigating to brave://settings/help - yielded the same result.

THEN in Chrome I googled up the brave download page and it looked completely different, with a purple background. I downloaded that and it did not have me use an installer, but just drag the application into my application folder, and I got a little “do you want to run this thing downloaded from the internet” dialog box which didn’t happen with the installer-brave. Now everything works great.

I can see in the finder info that Brave is version, was created May 17, and modified May 17.

I’m no expert, but this all just seems kind of sketchy - did something compromise my browser, did I download & run malware of some sort before? Any idea what happened?

Thanks for reaching out.
Honestly I have no idea what happened here — if you initiated a download from the browser itself it should not have asked you to use the installer (or at least I’ve never seen it do this before). Are you sure that it was the browser itself that was prompting you to update, or was it maybe a specific extension you had installed?

Additionally, you didn’t by chance get a screenshot of the site you landed on, did you? Because is the correct URL and should have looked like this:

Lastly, while I imagine there is a logical explanation for this, it wouldn’t hurt you to run a system scan/malware check just in case.

It was definitely the browser prompting me to update, only after I clicked on the ‘update brave’ thing in the hamburger menu on the top right. I’m not sure how long the button had been red with “update”.

I did not get a screenshot - wasn’t suspicious at that point since it matched the page I saw when I clicked on the google result. Unfortunately I didn’t pay too much close attention to the page so I can’t remember too much what it looked like, but the appearance of it didn’t raise any flags for me. I just remember when I googled the download page in Chrome and saw the one you have posted there my immediate thought was, “whoa, this is a totally different page.” When I navigate back to it in brave now (checked my history, it’s the right url) I see the right page with the blue/purple background.

I ran a scan but it didn’t find anything.

@dtt1 I’m assuming it just was a new prompt because you hadn’t updated in a while. If the browser version being used gets too far outdated, it’s not able to auto update and requires you to manually install, which is sounds like you did.

Same layout here.

OS is linux mint.

  • Brave Browser
  • ubuntu debian
  • Linux Mint 21.1
  • Kernel: 5.19.0-42-generic x86_64

Always stay up to date with apt update. Update request didn´t came from the browser, took the system-updater. no malware in my POV.

since yesterday it looks like this:

okay, from another thread it solved it for now. used the command via terminal

 brave-browser -use-gl=egl

and disabled hardware acceleration. now back in normal brave-mode

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.