Brave Browser’s Tor Mode Is Leaking the Users’ Real IP Address

  • The Tor mode in Brave is reportedly leaking the real IP address of those visiting onion sites.
  • The ISP knows which sites these users are visiting and could share that data with the authorities.
  • This is definitely a big blunder by Brave, and users who wish to remain anonymous should use the Tor browser.

There’s a discussion in the privacy-minded community about using Brave browser’s Tor mode and whether that would be safe for those who wish to remain anonymous. Apparently, users discovered that all requests made for onion domains to the DNS server and the ISP are tagged with the real IP address of the requester, so essentially, the ID of the subscriber is leaked. This defeats the purpose of accessing an anonymous network like the Tor network, but it is actually not anything that Brave hasn’t already warned its users about.

As clearly mentioned in the relevant support page of Brave, using Tor mode won’t guarantee your privacy, and Brave cannot protect you from IP-discovery systems that may be in place. Of course, this doesn’t sound like “we’re not going to even bother,” but it clearly makes the case about the Tor mode being there just for convenience, not for anonymity.

If you’re looking for the latter, you’d better use the Tor browser directly. Even then, nothing is guaranteed, but you will be using a tool that’s at least more focused on the fulfillment of the crucial ID-masking role.


Of course, if you’re using a VPN, which we would suggest that you do when visiting Tor sites, Brave will leak that IP, so there’s still a way to protect your anonymity while using Brave’s Tor mode. However, if the VPN tool you’re using is leaking your real IP address, tough luck.

The researcher who first discovered and reported this was treated somewhat aggressively by Reddit mods who cited reliability issues, even accusing him of potentially faking the screenshots. Since then, many more people have tested their DNS traffic and confirmed the problem, so there’s no doubt about that.

We have seen no statements from Brave yet, and judging from their responses in the past, we won’t be surprised if they decide to rework their DNS resolver and stop the leakage. Brave is a privacy-conscious project and wouldn’t just let people’s IP addresses become prey to ISPs or the authorities.

It’s just against all that they stand for, and we believe that this is just a bit that slipped their attention. Of course, they should have known and done better, and this is unquestionably disappointing for their otherwise growing userbase.



How to Watch The Real Housewives of New Jersey Season 12 Online From Anywhere

Get ready for new plot twists, exploding tempers, and a lot of tension in a new season of The Real Housewives of...

How to Watch Chicago Blackhawks Games Online Without Cable

The Chicago Blackhawks are one of the most widely known teams in the NHL, with a lot of history and a fanbase...

How to Watch Pam & Tommy Online from Anywhere: Release Date, Cast, Plot, & Trailer

This biographical drama series surrounds the infamous controversial '90s tape of Motley Crue drummer Tommy Lee and then-wife actress Pamela Anderson that...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari