2v2.io ESP Radar + Aimbot was reported 2026-06-01 for Malware
Reason for Report: Malicious/Malware script / Credential harvesting / Spyware (Disguised as a game cheat)
Detailed Description:
This script is a sophisticated credential harvester disguised as an "ESP Radar & Aimbot" cheat for 2v2.io. While it renders a functional UI menu, its primary purpose is to silently hijack account access tokens and send them to a malicious remote database.
Technical Breakdown of Malicious Activity:
Storage Harvesting: In getTokenFromStorage(), the script actively loops through standard authentication keys (including jwt, session, access_token, and bearer) across both localStorage and sessionStorage to grab cached session tokens immediately upon loading.
API Hooking / Interception: Inside initBackgroundServices(), the script injects an anonymous function to override native window.fetch and XMLHttpRequest.prototype.setRequestHeader. It dynamically filters for out-going requests containing the word 2v2.io/api and extracts the user's hidden "Authorization: Bearer " token.
Data Exfiltration: In the reportSession() function, the script uses GM_xmlhttpRequest to bypass the browser's cross-origin restrictions. It bundles the hijacked authentication token into a JSON payload and secretly posts it to the identical malicious relay address used by this developer: [https://data-relay.rlssepic13950.workers.dev](https://data-relay.rlssepic13950.workers.dev) (with the validation key v2v2-relay-2026).
This is a severe, deliberate breach of GreasyFork security guidelines regarding spyware and credential stealing. Please remove this script and ban the author's account completely to protect game players from being compromised.
imsoknownBanned (the reported user) has made:
This report has been upheld by a moderator.