I was searching for the download for Brave when the first result was a phishing link. After that i kept finding more and more of these phishing links. Here is a list of the ones I found:
Thanks for reporting these.
The first one is indeed impersonating Brave and linking to a different Android browser. I have reported it to Google Safe Browsing.
The second one actually includes disclaimers that it’s not affiliated with Brave and it appears to link directly to the real Brave website for the downloads. It doesn’t appear to be malicious for now.
Thankyou, I remember seeing more so there are more of these out there.
Please feel free to share any other ones you see. We will take action on them as appropriate.
Here are more:
`
Thanks for these. We are aware of the first one. They were part of the old referral program and aren’t anymore. We’ve asked them to take down their page and they haven’t responded. At least they’re linking to the real Brave installer.
The second one is not pretending to be Brave and is serving the real binaries (they redirect to https://referrals.brave.com/latest/BraveBrowserSetup32.exe), so it’s allowed.
I sorry to keep posting links which are not phishing.
Here is another:
That’s a confusing one. It does seem to only link to the real Brave entry on the play store though: https://play.google.com/store/apps/details?id=com.brave.browser&hl=en&gl=US
Hm, none of the download buttons seem to work on that one.
I have found some too! If I have sent some false links please contact me. Idk if they are malicious: https://www.filehorse.com/download-brave-browser-64/, http://brave.findmysoft.com/, https://www.softpedia.com/get/Internet/Browsers/Brave.shtml, https://appsonwindows.com/apk/7786891/, https://portapps.io/app/brave-portable/, https://www.filehen.com/brave-browser-free-download/
-
https://www.filehorse.com/download-brave-browser-64/:
- This one redirects to our website for the binary file and so it’s the real
Brave browser: https://laptop-updates.brave.com/download/FIL862
- This one redirects to our website for the binary file and so it’s the real
-
http://brave.findmysoft.com/:
- That one looks pretty sketchy since they show a little video telling users
how to bypass the Safe Browsing warning. - It’s also distributing an ancient and vulnerable version of Brave. I have
reported the page to Google Safe Browsing.
- That one looks pretty sketchy since they show a little video telling users
-
https://www.softpedia.com/get/Internet/Browsers/Brave.shtml:
- This one downloads from official sources:
- https://github.com/brave/brave-browser/releases/download/v1.26.67/BraveBrowserStandaloneSetup32.exe
- https://laptop-updates.brave.com/latest/winia32
- https://laptop-updates.brave.com/latest/winx64
- https://github.com/brave/brave-browser/releases/download/v1.27.81/BraveBrowserStandaloneBetaSetup.exe
- https://github.com/brave/brave-browser/releases/download/v1.27.79/BraveBrowserStandaloneDevSetup32.exe
- https://github.com/brave/brave-browser/releases/download/v1.27.79/BraveBrowserStandaloneDevSetup.exe
- This one downloads from official sources:
-
https://appsonwindows.com/apk/7786891/:
- It downloads the APK from:
https://apk2.appsonwindows.com/v2/7/com.brave.browser_beta-v1.27.75.apk - I will need to look since it’s not a file that we distribute
ourselves.
- It downloads the APK from:
-
https://portapps.io/app/brave-portable/:
- These guys have a clear notice that it’s not an official build.
- https://www.filehen.com/brave-browser-free-download/:
Thank you for replying. If I find more that is actually phishing websites I will send it!
I found some right away! I just searched Brave browser free download no virus and I got so MANY phishing or probably malicious websites… https://m.apkpure.com/brave-browser-private-ads-block/com.brave.browser, https://brave.en.aptoide.com/app, https://softsharenet.com/brave-browser-download/5839/, https://www.apkmonk.com/app/com.brave.browser/, https://webforpc.net/brave-browser-free-download. Let me know if some are false and I’m happy to help you take down the phishing websites. And I’m sorry to bother you if I posted some non phishing links
The Android ones are difficult to check, but this one is fine:
-
https://softsharenet.com/brave-browser-download/5839/
- links to our official builds on GitHub
On the other hand, this one appears malicious given the password on the RAR file (also it’s an ancient version of Brave):
and so I have reported it to Google Safe Browsing.