Brave, a crypto-powered privacy-focused web browser , has been caught autocompleting URLs on cryptocurrency websites with the company’s own referral link.
The discovery was first made by a popular cryptocurrency commentator, Cryptonator ( @cryptonator1337 ) who noticed that the Brave browser is auto-completing certain domains to add a referral code.
For instance, when he typed “binance.us” into the address bar, it automatically changed to “binance.us/en?ref=35089877”. Basically, the Brave browser is redirecting Binance links to a referral landing page, which Brave profits from.
So when you are using the @brave browser and type in “binance[.]us” you end up getting redirected to “binance[.]us/en?ref=35089877” – I see what you did there mates ? — CR1337 (@cryptonator1337) June 6, 2020
Earlier this year, Brave and crypto exchange service Binance signed a partnership to allow users to trade cryptocurrencies, view their balance and get deposit addresses through an opt-in widget in the Brave browser.
Binance isn’t the only website Brave is injecting its own referral links into. It is also doing the same thing for websites owned by Ledger, Trezor, and Coinbase.
The discovery was later made by another Twitter user Larry Cermak ( @lawmaster ) who shared it via the following tweet.
Looks like it’s not a very isolated mistake. Brave also does this for Ledger, Trezor and Coinbase if you look in their Github https://t.co/8PpnlS5jAu https://t.co/JGQ7d23fer pic.twitter.com/keorBZiDJL — Larry Cermak (@lawmaster) June 6, 2020
“The autocomplete default was inspired by search query clientid attribution that all browsers do, but unlike keyword queries, a typed-in URL should go to the domain named, without any additions. Sorry for this mistake — we are clearly not perfect, but we correct course quickly.”
