- Exposed Google API keys allow attackers to execute unlimited Gemini AI queries
- Developers suffer serious financial losses due to unauthorized access to AI infrastructure
- Hardcoded credentials elevate public IDs to active auth tokens for Gemini AI
Developers face serious consequences as exposed Google API keys are exploited to access Gemini AI without authorization, leading to significant financial losses, experts have warned.
CloudSEK security researchers discovered that the root cause of these incidents lies in the unintentional elevation of publicly available API keys to live Gemini AI credentials.
Many developers have long integrated keys for services like Maps or Firebase into public applications, following official Google guidelines – without ever imagining that these keys would allow access to the AI infrastructure.
Elevation of publicly available API keys is the root cause
One case involved a solo developer whose startup nearly collapsed after an attacker used a publicly available key to flood Gemini AI with inference queries.
The developer revoked the key within minutes of receiving a billing alert, but due to a reporting lag in Google Cloud’s billing system, the charges had already reached $15,400.
Similarly, a Japanese company suffered approximately $128,000 in unauthorized use of the Gemini API, despite firewall-level IP restrictions.
Additionally, a small development team in Mexico saw its bill jump by $82,314 in just 48 hours, a dramatic 455x increase over its typical spending.
“This issue does not stem from developer negligence; the implementations were within the guidelines prescribed by Google,” said Tuhin Bose, cybersecurity researcher at CloudSEK.
He explained that the architecture effectively converted non-sensitive identifiers into authentication tokens, creating a systemic vulnerability in many applications.
CloudSEK’s research identified 32 Google API keys exposed in 22 Android apps with a combined install base exceeding 500 million users.
Affected apps include household names such as the OYO Hotel Booking app, Google Pay for Business, Taobao and ELSA Speak.
Researchers confirmed data exposure in ELSA Speak when they accessed user-submitted audio files through the Gemini Files API.
The vulnerability allows attackers to make unrestricted Gemini API calls, access sensitive user data, and exhaust organization API quotas.
It can also persist throughout application update cycles, causing serious consequences for both developers and end users.
Developers who had followed Google’s advice now unknowingly hold live credentials for powerful AI tools, without notification or opt-in prompts.
Technical measures such as revoking exposed keys and restricting a key's project authorizations can mitigate exposure.
However, the financial and operational impact on developers is substantial, suggesting that current practices for managing API keys and AI integrations require immediate re-evaluation.
The exposure of hardcoded credentials demonstrates the risks inherent in assuming backwards compatibility for modern AI-enabled cloud services.
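The failure mode described above has two halves a defender can check for: a key-shaped string shipped inside a client app, and a key whose project authorizations let it reach the Gemini service at all. The following script is an added example written for this article; it is not code from TechRadar, CloudSEK or Google. It assumes that Google API keys have the well-known shape "AIza" followed by 35 URL-safe characters, that the Gemini API is served under generativelanguage.googleapis.com, and that a key's restriction record follows the field names of the API Keys API v2 Key resource (apiTargets, androidKeyRestrictions, browserKeyRestrictions); the file contents, key strings and project names below are constructed for the example.

```python
import re

# Google API keys are 39 characters: the "AIza" prefix plus 35 URL-safe characters (assumption).
GOOGLE_API_KEY_RE = re.compile(r"AIza[0-9A-Za-z_\-]{35}")

# Service name of the Gemini API in Google Cloud (assumption).
GEMINI_SERVICE = "generativelanguage.googleapis.com"

# Constructed sample keys (made up, not real credentials), built to the 39-char shape.
KEY_IN_STRINGS_XML = "AIzaSyEXAMPLE" + "0" * 26
KEY_IN_CONFIG = "AIzaSyOTHERKEY" + "1" * 25

# Constructed sample of what decompiled client content might contain.
SAMPLE_FILES = {
    "res/values/strings.xml": (
        "<resources>\n"
        f'    <string name="google_maps_key">{KEY_IN_STRINGS_XML}</string>\n'
        '    <string name="not_a_key">AIzaShort</string>\n'
        "</resources>\n"
    ),
    "assets/config.json": f'{{"firebase_api_key": "{KEY_IN_CONFIG}"}}\n',
}

# Constructed key restriction records in the shape of the API Keys API v2 Key resource
# (field names are an assumption; "example-project" is a placeholder).
SAMPLE_KEYS = {
    "maps-only": {
        "name": "projects/example-project/locations/global/keys/maps",
        "restrictions": {
            "androidKeyRestrictions": {"allowedApplications": [{"packageName": "com.example.app"}]},
            "apiTargets": [{"service": "maps-backend.googleapis.com"}],
        },
    },
    "unrestricted": {
        "name": "projects/example-project/locations/global/keys/legacy",
        "restrictions": {},
    },
    "android-no-target": {
        "name": "projects/example-project/locations/global/keys/firebase",
        "restrictions": {
            "androidKeyRestrictions": {"allowedApplications": [{"packageName": "com.example.app"}]},
        },
    },
}


def find_key_candidates(files):
    """Return (path, line_number, key) for every key-shaped string found in the given files."""
    hits = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for match in GOOGLE_API_KEY_RE.finditer(line):
                hits.append((path, lineno, match.group(0)))
    return hits


def audit_key_restrictions(key_record):
    """Return finding codes for one key; an empty list means the key cannot reach Gemini."""
    restrictions = key_record.get("restrictions", {})
    api_targets = restrictions.get("apiTargets", [])
    findings = []

    if not api_targets:
        # No API-target restriction: the key is accepted by every API enabled in the
        # project, which is how a Maps or Firebase key becomes a Gemini credential.
        findings.append("NO_API_TARGET")
        reaches_gemini = True
    else:
        reaches_gemini = any(t.get("service") == GEMINI_SERVICE for t in api_targets)
        if reaches_gemini:
            findings.append("GEMINI_ALLOWED")

    # A key scoped to an Android app or browser origin is public by construction, so if it
    # can reach Gemini the fix is to move Gemini calls behind a backend with its own key.
    shipped_to_clients = any(
        k in restrictions for k in ("androidKeyRestrictions", "browserKeyRestrictions")
    )
    if reaches_gemini and shipped_to_clients:
        findings.append("CLIENT_KEY_REACHES_GEMINI")
    return findings


if __name__ == "__main__":
    for path, lineno, key in find_key_candidates(SAMPLE_FILES):
        print(f"key-shaped string at {path}:{lineno}: {key[:8]}...")
    for label, record in SAMPLE_KEYS.items():
        print(f"{label}: {audit_key_restrictions(record) or 'OK'}")
```

Run against a real project, the first half would scan the extracted APK or repository instead of SAMPLE_FILES, and the second half would take the restriction records fetched for each key in the project; a key that is both found in shipped content and reported as NO_API_TARGET is the case the article describes.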