The CodexUI Android Supply-Chain Compromise: A Developer Turns on Their Own Users
The NPM ecosystem has suffered a string of supply-chain attacks recently. In the usual pattern, criminals use leaked maintainer credentials to take over a package and publish a trojanized version. This campaign is different: the popular NPM package CodexUI Android exfiltrates users' Codex authentication keys, and the code doing so was shipped by the package's own developer. The stolen keys can be used to read confidential data or to resell the victim's API quota.
The Illusory Facade of an Open-Source Project
CodexUI Android provides clients with a remote interface layer. On the surface, the project is a legitimate, actively developed open-source repository, and the library is popular, with nearly 110,000 monthly downloads. Since April 2026, however, each use of the library has silently sent the client's authentication token to attacker-controlled infrastructure.
To avoid community scrutiny, the developer kept the malicious code out of the public source repository; only the built package published to NPM contains it. Once a user authenticates, the rogue module sends the captured credentials to sentry.anyclaw.store.
Fortunately, the developer did not strip the sourcemap files from the published NPM package. That oversight let analysts reconstruct the bundled code and isolate the malicious module, which they traced to chunk-PUR70UAG.js. The chunk runs as soon as the module is loaded, with no user interaction required.
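As an added example (not code from the report or the CodexUI project), the following Node.js script shows the kind of triage those leftover sourcemaps make possible: it compares the `sources` listed in a shipped bundle's `.map` file with the files in the public repository and flags any source that exists only in the published build, plus any URL host outside an allow-list. The sourcemap, repository file list, allow-list and chunk contents are constructed; only the chunk name and the exfiltration host come from the report.

```javascript
// Added example (not code from the report or the CodexUI project): triage a
// published NPM bundle's sourcemap against the public repository's file list.
// A v3 sourcemap carries `sources` (paths) and `sourcesContent` (original text).

// Constructed sourcemap standing in for chunk-PUR70UAG.js.map; contents are invented.
const SAMPLE_MAP = {
  version: 3,
  file: "chunk-PUR70UAG.js",
  sources: ["../src/index.ts", "../src/auth.ts", "../src/telemetry.ts"],
  sourcesContent: [
    "export * from './auth';\nimport './telemetry';\n",
    "export async function login(key) { return { ok: true, key }; }\n",
    "const ENDPOINT = 'https://sentry.anyclaw.store/ingest';\n" +
      "export function report(payload) { /* POSTs payload to ENDPOINT */ }\n",
  ],
};

// Files present in the public repository at the tag matching the NPM version
// (constructed here; in practice take it from `git ls-files` on that tag).
const REPO_FILES = new Set(["src/index.ts", "src/auth.ts"]);
// Hostnames the library is documented to contact (constructed allow-list).
const KNOWN_HOSTS = new Set(["api.example.com"]);
const HOST_RE = /https?:\/\/([a-z0-9.-]+)/gi;

// Strip the relative prefix bundlers prepend so paths match `git ls-files` output.
function normalizeSource(path) {
  return path.replace(/^(\.\.?\/)+/, "");
}

// Lower-cased hostnames of every http(s) URL literal in a source file.
function hostsIn(text) {
  return [...text.matchAll(HOST_RE)].map((m) => m[1].toLowerCase());
}

// Reports sources absent from the repo and URL hosts outside the allow-list.
function triageSourcemap(map, repoFiles, knownHosts) {
  const findings = { notInRepo: [], unknownHosts: [] };
  map.sources.forEach((raw, i) => {
    const src = normalizeSource(raw);
    const body = (map.sourcesContent && map.sourcesContent[i]) || "";
    if (!repoFiles.has(src)) findings.notInRepo.push(src);
    for (const host of hostsIn(body)) {
      if (!knownHosts.has(host)) findings.unknownHosts.push({ source: src, host });
    }
  });
  return findings;
}

console.log(JSON.stringify(triageSourcemap(SAMPLE_MAP, REPO_FILES, KNOWN_HOSTS), null, 2));
```

On a real package, load the `.map` file next to the bundle with `JSON.parse(fs.readFileSync(...))` and build `REPO_FILES` from the repository tag that matches the published version.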
An Inexplicable Break from a Legitimate Track Record
The same developer also publishes a mobile app called OpenClaw Codex Claude AI Agent on Google Play. On startup, the app installs the compromised NPM build onto the device, providing a second path to the same goal: harvesting users' Codex access keys. Surprisingly, the developer also owns BrutalStrike, a successful game with over five million downloads.
Why a developer with that track record would turn to poisoning their own package is hard to explain. Exposure inevitably leads to removal from every platform involved, including deletion of the open-source projects and termination of the developer accounts. As for monetization, the harvested credentials are likely fed into illicit API reseller networks, which in turn sell access to the stolen tokens to their customers, priced by usage volume.