Brave Browser Takes Back Controversial Affiliate Code Injection

  • Brave was redirecting users who tried to access cryptocurrency exchange platforms to their affiliate program.
  • The browser company was making money by the referrals, but its users’ privacy was potentially compromised.
  • Brave has now disabled the setting by default and calls the users to enable it and show their support.

Brave browser, one of the most privacy-focused and secure web browsers out there, has made a mistake which generated a notable backlash from the community, leading to a retraction. More specifically, Brave was automatically injecting affiliate code on cryptocurrency exchange platforms like Binance, Coinbase, Ledger, and Trezor. As Brendan Eich, the CEO and co-founder of Brave Software admitted, this was a mistake, and they have changed this setting from being “on” by default to being an opt-in choice for the user. The “mistake” lasted for about ten weeks, from March 25 to the past weekend.

Brave is rising in popularity very quickly, and it has recently reached 15 million monthly active users and 5 million daily users. Besides the privacy and security features that are offered through Brave, this particular browser is unique in the field of cryptocurrency – it is serving advertising campaigns to the users who want it, in exchange for crypto (Brave Rewards). Moreover, it features a crypto wallet that enables users to connect their Uphold account and make transactions right from within the browser. All that said, there are quite a few cryptocurrency holders who like to use Brave.

The injection of affiliate links caused controversy in Brave’s community not because the company tried to make money out of its users, but because it risked their privacy in the process. By injecting affiliate code, Brave gets a cut from the cryptocurrency exchange platforms, as it looks like they have referred these users. However, the referrer is allowed to view some parts of the data that concern the user who signs up with the service’s code, as the affiliate program systems generally provide this. Coinbase, for example, provides direct access to the campaign’s performance data, while Trezor is giving away a detailed overview of the purchases done by the referred users.

For a privacy-focused browser like Brave, this auto-completing should never have been activated by default. If any of the users want to support their favorite browser, they may enable it manually. Obviously, not everyone will go through the trouble of doing it, but this should be the setting from the start. To check what your settings are in relation to this feature, open Brave’s Settings menu, go to “Privacy and Security,” and check the position of the “Autocomplete searchers and URLs” switch.

privacy and security



All Facebook Users on the iOS Have Been Logged Out

Something happened with the Facebook app on iOS, as all users have been logged out.Those with 2FA enabled are having a hard...

Hospital in Belgium Forced to Redirect Patients Due to Cyberattack

A hospital in Tournai, Belgium, is dealing with a widespread infection that has affected 27% of its systems.The hospital is forced to...

How an Email Sent to Kindle Could Lead to Root RCE on the Device

Kindle devices using outdated firmware are vulnerable to root RCE by MOBI files arriving via email.The attack called “KindleDrip” involves three individual...