Linkedin Browsergate

❗This article uses tone or wording inconsistent with the editorial guidelines.

A moderator needs to check the page before this notice can be removed. Visit the noticeboard or the #appeals channel in either Zulip or Discord to request removal.

More info ▼

The wiki's voice should remain neutral and avoid loaded language or unnecessary offence. Direct attacks on individuals or companies are not permitted; malice may only be attributed through quotation and citation, never in the wiki's voice. In theme articles argumentation is allowed but should be clear, formal, and never inflammatory.

LinkedIn Is Illegally Searching Your Computer.

Microsoft is running one of the largest corporate espionage operations in modern history.

Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm.

The user is never asked. Never told. LinkedIn’s privacy policy does not mention it.

Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.

This is illegal and potentially a criminal offense in every jurisdiction we have examined.

LinkedIn uses hidden JavaScript to silently scan users' browsers for over 6,000 installed extensions. This includes scans for competitors' tools, privacy software (VPNs/Ad-blockers), and extensions revealing sensitive personal data (religion/politics). The scan bypasses security boundaries and maps corporate software infrastructure without user consent. ^[1]

Incident

LinkedIn uses hidden JavaScript to silently scan users' browsers for over 6,000 installed extensions. This includes scans for competitors' tools, privacy software (VPNs/Ad-blockers), and extensions revealing sensitive personal data (religion/politics). The scan bypasses security boundaries and maps corporate software infrastructure without user consent.

Targeting:

The scans look for tools used by competitors, VPNs, ad blockers, and even extensions that reveal sensitive personal info like religion or political leanings

Corporate Espionage:

Because LinkedIn knows your employer, it can map the internal software infrastructure of millions of companies ^[2]

Consumer response

Recommendation: Use Firefox, which is not susceptible to this specific API exploit.
Technical Fix: Block the specific script Chunk 905 via network filtering.

References

↑ "uncontrolled". Retrieved browsergate. {{cite web}}: Check date values in: |access-date= (help)
↑ https://www.youtube.com/watch?v=mHj6IvBmlpU. {{cite web}}: |first= missing |last= (help); Missing or empty |title= (help)

2. https://browsergate.eu/

3. https://www.youtube.com/watch?v=mHj6IvBmlpU

4. https://www.youtube.com/watch?v=f2i4KuXlF7c

[1] "uncontrolled". Retrieved browsergate. {{cite web}}: Check date values in: |access-date= (help)

[2] ttps://www.youtube.com/watch?v=mHj6IvBmlpU. {{cite web}}: |first= missing |last= (help); Missing or empty |title= (help)

[1]

[2]