LinkedIn Uses Hidden JavaScript to Scan for Over 6,000 Chrome Extensions on Visitors' Browsers

LinkedIn is running a JavaScript fingerprinting script on its website that checks visitors' browsers for more than 6,236 installed Chrome extensions and collects various device data, according to a report by Fairlinked e.V. BleepingComputer independently verified the existence and behavior of the script through its own testing.

The script is loaded from a file with a randomized filename and detects extensions by attempting to access static file resources associated with specific extension IDs, a known browser fingerprinting technique. The same script was previously identified in 2025, when it was scanning for around 2,000 extensions. A GitHub repository from two months ago listed 3,000 extensions. Currently, the script detects 6,236 extensions.
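Requests for an extension's static files only succeed when the extension lists those files under `web_accessible_resources` in its manifest and allows the requesting origin. The following Node.js script is an added example, not code from the report or from LinkedIn: it checks manifest contents to show which installed extensions a given site origin could detect this way. The sample manifests, their names, and the functions `matchPatternToRegExp`, `exposedPaths` and `audit` are constructed for illustration.

```javascript
// Convert a Chrome match pattern to a RegExp; returns null if malformed.
function matchPatternToRegExp(pattern) {
  if (pattern === "<all_urls>") return /^(https?|file|ftp):\/\//;
  const m = /^(\*|https?|file|ftp):\/\/(\*|\*\.[^/*]+|[^/*]*)(\/.*)$/.exec(pattern);
  if (!m) return null;
  const esc = (s) => s.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  const scheme = m[1] === "*" ? "https?" : m[1];
  const host = m[2] === "*" ? "[^/]*"
    : m[2].startsWith("*.") ? "([^/]+\\.)?" + esc(m[2].slice(2))
    : esc(m[2]);
  const path = esc(m[3]).replace(/\*/g, ".*");
  return new RegExp("^" + scheme + "://" + host + path + "$");
}

// Static paths a page on `origin` could request; non-empty means detectable.
function exposedPaths(manifest, origin) {
  const war = manifest.web_accessible_resources || [];
  // Manifest V2: a flat list of paths, readable by every website.
  if (manifest.manifest_version === 2) return war.slice();
  const paths = [];
  for (const entry of war) {
    // Served under a per-session dynamic ID, so a fixed-ID request does not resolve.
    if (entry.use_dynamic_url) continue;
    const allowed = (entry.matches || [])
      .some((p) => matchPatternToRegExp(p)?.test(origin + "/") === true);
    if (allowed) paths.push(...(entry.resources || []));
  }
  return paths;
}

// Constructed sample manifests (not real extensions).
const samples = {
  "mv2-legacy": { manifest_version: 2, web_accessible_resources: ["img/icon.png"] },
  "mv3-open": { manifest_version: 3, web_accessible_resources: [
    { resources: ["inject.css"], matches: ["<all_urls>"] }] },
  "mv3-scoped": { manifest_version: 3, web_accessible_resources: [
    { resources: ["panel.html"], matches: ["https://*.example.org/*"] }] },
  "mv3-dynamic": { manifest_version: 3, web_accessible_resources: [
    { resources: ["ui.js"], matches: ["<all_urls>"], use_dynamic_url: true }] },
  "mv3-none": { manifest_version: 3 },
};

// Names of sample extensions that a page on `origin` could detect.
const audit = (origin) => Object.keys(samples)
  .filter((name) => exposedPaths(samples[name], origin).length > 0);
console.log(audit("https://www.linkedin.com"));
```

To audit a real browser profile, load each installed extension's `manifest.json` in place of the `samples` object.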

Data Collected by LinkedIn’s Fingerprinting Script

Beyond simply detecting extensions, the script collects various browser and device data, such as CPU core count, available memory, screen resolution, timezone, language settings, battery status, audio details, and storage features.

The extensions identified include tools that directly compete with LinkedIn's own sales products, like Apollo, Lusha, and ZoomInfo, as well as grammar and language tools, tax software, and other categories that seem unrelated to LinkedIn's platform.

LinkedIn’s Explanation for the Extension Scanning

LinkedIn confirms that extension scanning is taking place. In a statement to BleepingComputer, the company explained that this detection is used to identify extensions that scrape member data without permission or break LinkedIn's Terms of Service, as well as to monitor unusual data-fetching activity that could impact platform stability.

"We do not use this data to infer sensitive information about members," LinkedIn stated.

The company also links the BrowserGate report to a developer behind a LinkedIn-related browser extension called Teamfluence, whose account was restricted for violating terms of service, including scraping. A German court rejected the developer's request for a preliminary injunction, ruling that LinkedIn's actions did not constitute unlawful obstruction. LinkedIn describes the report as an attempt to reopen that dispute publicly.

Unverified Claims and Open Questions

BleepingComputer states it could not independently verify the claims in the report regarding how the collected data is used or whether it is shared with third parties. The connection between extension detection results and LinkedIn enforcement actions described in the Fairlinked report has not been verified.

Browser fingerprinting of this kind has been used by other companies in the past. In 2021, eBay was found to run JavaScript port scans on visitors' devices. Later reports identified the same script in use at Citibank, TD Bank, Equifax, and several other organizations.

LinkedIn has not disclosed how long the extension scanning script has been active, how the collected data is stored, or what retention policies apply.

The post LinkedIn Uses Hidden JavaScript to Scan for Over 6,000 Chrome Extensions on Visitors' Browsers appeared first on gHacks.
