CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

LinkedIn’s browser fingerprinting expands to over 6,000 Chrome extensions

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft’s LinkedIn deploys hidden JavaScript on its platform to fingerprint visitors’ browsers by detecting over 6,000 installed Chrome extensions and collecting extensive device metadata. The technique links extension presence to user profiles and is framed by LinkedIn as a method to identify and block scraping extensions violating its terms of service. Independent testing confirms the detection of 6,236 extensions via resource-access checks, up from approximately 2,000 in 2025 and 3,000 two months prior. The scope raises privacy concerns as the collected data can uniquely identify browsers and may enable tracking across sites, though LinkedIn asserts the data is used solely to protect platform integrity and member accounts.

Timeline

  1. 03.04.2026 23:40 1 articles · 2h ago

    LinkedIn browser fingerprinting expands to 6,236 Chrome extensions

    LinkedIn’s website is observed loading a randomized JavaScript file that probes for 6,236 installed Chrome extensions by accessing extension-specific resource URLs, up from ~2,000 in 2025. The script also gathers extensive device metadata. LinkedIn states the data is used to identify and block extensions violating its terms of service and to investigate account behavior impacting site stability.

    Show sources
    Open in new tab

Information Snippets

  • LinkedIn injects a randomized JavaScript file into user sessions that enumerates installed Chrome extensions by attempting to access extension-specific resource URLs.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources

  • The script currently checks for 6,236 extensions, up from ~2,000 in 2025 and ~3,000 two months prior, indicating ongoing expansion of the fingerprinting list.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources

  • LinkedIn collects device and browser metadata including CPU core count, available memory, screen resolution, timezone, language settings, battery status, audio state, and storage features.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources

  • LinkedIn claims the data is used to identify and block extensions violating its scraping-related terms of service and to troubleshoot account anomalies affecting site stability.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources

  • LinkedIn argues the BrowserGate report originates from the developer of the Teamfluence extension, whose account was restricted, and cites a German court ruling against the developer’s injunction attempt.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources

  • Extensions flagged include competitors to LinkedIn’s sales tools (e.g., Apollo, Lusha, ZoomInfo) and unrelated tools such as language/grammar and tax professional extensions.

    First reported: 03.04.2026 23:40
    1 source, 1 article
    Show sources