While only having BRAVE downloaded for a total of 30 minutes, I was notified of a Trojan virus download directly to my BRAVE system cache files. I will throw in some information! Please contact me BRAVE devs so we can resolve the issue. But for the rest of the community here is the information on the file downloaded.
The file C:\Users**********\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\Cache_Data\f_000150=>(INFECTED_JS) is infected with JS:Trojan.JS.Agent.UJY and was moved to quarantine. It is recommended that you run a System Scan to make sure your system is clean
Brave browser is not at fault here (or any browser, be it firefox, chrome).
This trojan/malware has nothing to do with brave. It is likely that you (as a user) downloaded sketchy application (.exe file) beforehand and ran it. It then must have attached itself to brave to do whatever it was programmed to do (act as a keylogger etc)
On which version of brave are you. Go into settings->About and paste it here.
Brave is open source browser and its code is free to check https://github.com/brave/brave-browser. Also whitehat hackers (good ones) continuously scan brave code to find any vulnerabilities https://hackerone.com/brave. Most of them are found out solved by upstream google’s chromium team (same rendering engine which powers chrome).
It may also be palse positive. Scan your entire system with Malwarebytes (premium mode is free for first 7 days.)
I would first like to say I don’t believe BRAVE is a bad browser (Considering the 2 weeks worth of research I’ve done on it. Secondly, I had the browser opened for all of 10 minutes, brand new install. Haven’t had the chance to download anything (Including .exe files) No bookmarks or any personalization done to it, and was still triggered by my antivirus. The file was located in the browser cache (probably downloaded site cache) from wherever. I want to say its a possible fluke, but after diving into the JavaScript code, cross-referencing to known Trojan database files and details, it was a legitimate Trojan. I have seen some antivirus software flag some BRAVE temp files as viruses. I just find it a bit odd that I haven’t seen anything until adding Brave to my privacy toolkit. Ill throw some logs and stuff up so you can look, and whoever needs the reference can see them as well.