Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data.
The attack worked by registering the domain xn--brav-yva[.]com, an encoded string that...

Link: With help from Google, impersonated Brave.com website pushes malware
via arstechnica.com