2v2.io Game Enhancements 항목이 2026-06-01 에 악성 코드 사유로 신고되었습니다.
This script is a malicious token-stealer disguised as a "2v2.io Enhancements" utility. It intercepts user authentication tokens and silently exfiltrates them to an external third-party server controlled by the author.
Technical Breakdown of Malice:
Credential Interception: In the installNetworkHook() function, the script overrides window.fetch and XMLHttpRequest.prototype.setRequestHeader to monitor network requests. It explicitly scans for headers matching "authorization" containing "Bearer ", extracting the user's secret authorization token.
Data Exfiltration: Once a token is captured, the sendReport(token) function utilizes GM_xmlhttpRequest to bypass same-origin policies and quietly sends the user's authentication token to a remote Cloudflare worker hosted at: https://data-relay.rlssepic13950.workers.dev
Obfuscation through UI: The script creates a fake "QoL Panel" UI (buildUI()) to trick the user into thinking the script is actively providing radar and aim training features, serving as a smoke screen to hide the background theft.
imsoknown차단됨 (신고된 사용자)의 활동:
이 신고는 관리자에 의해 인정되었습니다.