With help from Google, impersonated Brave.com website pushes malware

Source

Enlarge (credit: Getty Images ) Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data. The attack worked by registering the domain xn--brav-yva[.]com, an encoded string that uses what’s known as punycode to represent bravė[.]com, a name that when displayed in browsers address bars is confusingly similar to brave.com, where people download the Brave browser. Bravė[.]com (note the accent over the letter E) was almost a perfect replica of brave.com, with one crucial exception: [...]