LinkedIn or a Spyware? 6000+ Extension Scans Spark Privacy Questions in BrowserGate Report

Key Highlights

  • A BrowserGate report claims LinkedIn scans 6,236 Chrome extensions during page loads
  • The script also collects device fingerprinting signals like CPU, memory, and battery status
  • Researchers say some scanned extensions belong to LinkedIn competitors
  • LinkedIn says the scanning helps detect scraping tools that violate platform rules

A new security report claims LinkedIn may be scanning thousands of browser extensions and collecting hardware-level device signals every time users load a page. The findings come from the “BrowserGate” investigation by Fairlinked e.V., with independent confirmation from BleepingComputer.

The report says the script checks for 6,236 Chrome extensions and gathers system telemetry such as CPU cores, available memory, and screen details. LinkedIn says the activity helps identify extensions that scrape user data without consent.

What does the BrowserGate report say about LinkedIn?

According to researchers behind the BrowserGate report, LinkedIn injects a JavaScript fingerprinting script into page loads that probes browsers for installed extensions. The technique relies on checking file resources linked to known extension IDs.

This approach allows websites to detect whether specific Chrome extensions exist on a visitor’s system. Researchers say the current scan list includes more than 6,000 extensions. Earlier repositories documented roughly 2,000 checks in 2025 and about 3,000 earlier this year.

Now, the scope appears significantly larger.

The report also claims more than 200 scanned extensions belong to competing sales intelligence platforms such as Apollo, Lusha, and ZoomInfo. These tools overlap with LinkedIn’s own enterprise data offerings.

Researchers also observed checks targeting grammar tools, tax software extensions, and other unrelated categories.

What device data is reportedly being collected?

Beyond extension detection, the BrowserGate report says the script gathers several hardware and browser-level signals. These include:

CPU core count
Available device memory
Screen resolution
Language settings
Time zone offset
Battery status
Storage capability indicators

Such signals are commonly used for browser fingerprinting. This method builds a unique device profile using multiple technical attributes instead of cookies.

Because LinkedIn accounts are tied to real identities, researchers warn that combining extension lists with fingerprinting signals may increase the precision of user identification.

However, the report does not claim LinkedIn uses the data to track individuals across the web.

Why does LinkedIn say it scans extensions?

LinkedIn told BleepingComputer the extension detection process exists to protect members and prevent unauthorized scraping activity.

A company spokesperson said the platform monitors extensions that collect user data without permission or interfere with site performance. The statement added that the company does not use the information to infer sensitive user traits.

LinkedIn also pointed to the background of the BrowserGate report’s author. According to the company, the researcher was connected to a browser extension called Teamfluence. LinkedIn previously restricted accounts associated with that tool for violating platform policies.

A German court later denied a preliminary injunction request related to that restriction.

Is browser fingerprinting like this common across the web?

Browser fingerprinting is not unique to LinkedIn. Several major platforms have used similar detection techniques in recent years.

In 2021, researchers found eBay running scripts that performed automated port scans on visitors’ devices to detect remote-access software. The same code later appeared on websites linked to Citibank, TD Bank, and Equifax.

Security researchers say fingerprinting helps platforms detect bots, prevent scraping, and reduce fraud risks. However, privacy advocates argue that the practice raises transparency concerns when users are unaware it is happening.

Did the report confirm data sharing with third parties?

The BrowserGate report claims the collected signals may be transmitted to HUMAN Security, a cybersecurity firm. However, BleepingComputer said this claim has not been independently verified.

That means there is currently no confirmed evidence showing how the extension data is stored or shared beyond LinkedIn’s internal systems.

Still, the scale of extension scanning described in the report has sparked debate among privacy researchers and enterprise software users.

Why the LinkedIn BrowserGate report matters now

The BrowserGate findings arrive at a time when browser fingerprinting is receiving renewed regulatory attention worldwide. Governments and privacy watchdogs are increasingly examining how platforms collect device-level signals without explicit disclosure.

LinkedIn maintains that its extension detection protects member data and platform stability. However, the BrowserGate report adds new scrutiny to how LinkedIn monitors browser environments during routine page visits.

As investigations continue, the discussion around transparency in extension scanning is likely to grow.

134 Views