- Google Cloud API keys embedded in public website code can be abused to authenticate to Gemini AI endpoints.
- Researchers found nearly 3,000 exposed keys and warn of risks like quota theft and access to private data.
- A recent Reddit post detailed an instance of $82,000 in charges from a potentially stolen key.
- Google states it has implemented measures to detect and block leaked keys attempting to access the Gemini API.
Security researchers at Truffle Security revealed in recent research that publicly accessible Google Cloud API keys can be weaponized to access sensitive Gemini AI endpoints. This critical vulnerability emerged after users enabled the Generative Language API, retroactively granting old billing keys new AI privileges. Consequently, these keys, designed for services like maps, became live credentials for AI models without warning.
The company discovered 2,863 such keys live on the public internet, according to their report. With a valid key, an attacker can access uploaded files and cached data while charging LLM usage to the victim’s account. Researcher Joe Leon emphasized that keys “now also authenticate to Gemini even though they were never intended for it.”
Meanwhile, a similar investigation by mobile security firm Quokka found over 35,000 unique Google API keys in Android apps. They warned that this “creates a risk profile that is materially different,” as detailed in their own analysis. The issue potentially allows for automated LLM requests and quota consumption, leading to massive bills.
Google has since addressed the problem, with a spokesperson confirming proactive measures are in place. However, the real-world impact may already be significant, as suggested by a user reporting exorbitant charges. Security strategist Tim Erlin noted this demonstrates how “risk is dynamic, and how APIs can be over-permissioned after the fact.”
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
