low

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

April 6, 2026·BleepingComputer·Threat Intel
privacydata-collectionbrowser-securitylinkedincorporate-surveillance

LinkedIn Caught Secretly Scanning Browsers for Chrome Extensions in "BrowserGate" Report

TL;DR: Security researchers have discovered that LinkedIn uses hidden JavaScript to scan visitors' browsers for over 6,000 Chrome extensions and collect device fingerprinting data, raising serious privacy concerns about corporate surveillance practices on major platforms.

What Happened

According to a new report dubbed "BrowserGate" highlighted by BleepingComputer, Microsoft-owned LinkedIn has been covertly running JavaScript scripts on its website to enumerate installed browser extensions and gather device characteristics from visitors. The scanning capability reportedly covers more than 6,000 different Chrome extensions, creating detailed profiles of users' browsing habits and installed software.

This discovery adds LinkedIn to a growing list of major websites engaged in aggressive browser fingerprinting techniques, though the scale and stealth of the extension scanning appears particularly extensive.

Technical Analysis

Browser extension enumeration is a sophisticated fingerprinting technique that exploits how extensions interact with web pages. When extensions are installed, they often inject scripts, modify page elements, or create detectable changes in the browser environment. Malicious or privacy-invasive scripts can probe for these signatures to build a comprehensive picture of what extensions a user has installed.

The technique typically works by:


Extension profiles are particularly valuable for tracking because they're relatively stable compared to other fingerprinting methods and can reveal detailed information about user interests, profession, security posture, and browsing habits.

Impact & Who's Affected

This affects virtually all LinkedIn users who visit the platform with Chrome browsers. The privacy implications are significant:


The data collection appears to violate user expectations of privacy and potentially runs afoul of regulations like GDPR, which requires explicit consent for non-essential data processing.

What You Should Do

Immediate actions:


Longer-term security posture:

For organizations:

The Bigger Picture

This revelation underscores the evolving landscape of corporate data collection, where traditional tracking methods are being supplemented by increasingly sophisticated fingerprinting techniques. As third-party cookies face deprecation and privacy regulations tighten, companies are turning to more invasive methods to maintain detailed user profiles.

The fact that a Microsoft-owned professional networking platform is engaging in such practices signals that extension scanning may become more widespread across major web properties. This represents a fundamental shift in the privacy threat model – users must now consider not just what they share explicitly, but what their browser configuration inadvertently reveals.

Security professionals should treat this as a wake-up call to reassess browser security policies and user privacy protections within their organizations.

Source: BleepingComputer research and "BrowserGate" security report

← All Threat IntelSource: BleepingComputer