2v2.io Game Enhancements は「マルウェア」で通報済み。2026/06/01
This script is a malicious token-stealer disguised as a "2v2.io Enhancements" utility. It intercepts user authentication tokens and silently exfiltrates them to an external third-party server controlled by the author.
Technical Breakdown of Malice:
Credential Interception: In the installNetworkHook() function, the script overrides window.fetch and XMLHttpRequest.prototype.setRequestHeader to monitor network requests. It explicitly scans for headers matching "authorization" containing "Bearer ", extracting the user's secret authorization token.
Data Exfiltration: Once a token is captured, the sendReport(token) function utilizes GM_xmlhttpRequest to bypass same-origin policies and quietly sends the user's authentication token to a remote Cloudflare worker hosted at: https://data-relay.rlssepic13950.workers.dev
Obfuscation through UI: The script creates a fake "QoL Panel" UI (buildUI()) to trick the user into thinking the script is actively providing radar and aim training features, serving as a smoke screen to hide the background theft.
imsoknownアクセス禁止済み (通報されたユーザー) の活動:
この通報は管理担当者に承認されました