LINKEDIN BROWSERGATE

LINKEDIN BROWSERGATE

https://securityaffairs.com/191383/security/linkedin-browsergate.html

Publish Date: 2026-04-27 09:31:00

Source Domain: securityaffairs.com

LINKEDIN BROWSERGATE

Pierluigi Paganini
April 27, 2026

BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking.

BrowserGate is an investigation conducted by Fairlinked (https://browsergate.eu/), an association of commercial LinkedIn users, which documents what it describes as one of the largest data breach and corporate espionage scandals in digital history. The central thesis: every time one of the billions of users visits linkedin.com, hidden code scans the computer for installed software, collects the results, and transmits them to LinkedIn servers and third-party companies, including a US-Israeli cybersecurity firm.

The user is never informed nor asked for consent. LinkedIn’s privacy policy makes no mention of it.

The system consists of three cooperating modules within a single JavaScript bundle (Webpack chunk.905, ~2.7 MB, Ember.js framework):

Stage 1 — Active Extension Detection (AED)

Inside Webpack module 75023, there is a hardcoded array with entries in the form {id: “…”, file: “…”} where id is the Chrome Web Store extension ID and file is a path to an internal extension resource declared as web-accessible.

The probing mechanism:

Chrome extensions can expose internal files to web pages through the web_accessible_resources field in their manifest.json. When an extension is installed and has exposed a resource, a fetch() request to chrome-extension://{id}/{file} will succeed. When it is not installed, Chrome blocks the request and the promise is rejected.

Method 1 — Parallel batch scan: All fetch() requests are…

Source