From article:

If you have the Brave Browser installed on your Windows devices, then you may also have Brave VPN services installed on the machine. Brave installs these services without user consent on Windows devices.

More reason to ditch the crypto bro browser.

    • I see now that it was adding a wireguard interface, but without seeing the configuration being used, there’s no telling if they are routing anything more than the traffic from the browser.

      As an aside, are you serving applications from your workstation?

      • Whether they route only the browser or traffic or not, that is messing with my traffic routing, and that’s dangerous. If they control the VPN exit node (but especially if they control that AND the browser), they can do almost anything they want with/ to your browser traffic.

        Not sure what me serving out applications from my endpoint device has to do with this, but yes, I sometimes do (LAN games, netcat listeners, python servers, etc).

      • there’s no telling if they are routing anything more than the traffic from the browser

        Yeah that’s the problem “there’s no telling”. Messing with network settings is opening a can of worms and highly likely to cause problems one day.