Recent research has uncovered a significant security risk involving Google Cloud API keys, which are typically used for billing purposes. These keys can potentially be exploited to access sensitive Gemini endpoints and retrieve private data, according to findings by Truffle Security.
Discovery of Vulnerable API Keys
Truffle Security’s investigation identified nearly 3,000 Google API keys embedded in client-side code, often used for services like embedded maps. These keys, marked by the prefix ‘AIza’, can allow unauthorized access to uploaded files and cached data, as well as incur charges to the user’s account through the Gemini API, despite not being originally intended for this purpose.
The issue arises when the Gemini API is activated on Google Cloud projects, granting existing API keys unintended access to Gemini endpoints. This creates opportunities for malicious actors to scrape websites, obtain these keys, and misuse them for unauthorized access to sensitive files and to generate substantial charges for the account holders.
Security Implications and Industry Response
Furthermore, Truffle Security found that new API keys in Google Cloud default to an ‘Unrestricted’ setting, making them applicable to all enabled APIs in a project, including Gemini. This has resulted in thousands of API keys being exposed on the public internet, with 2,863 live keys identified by the company. A similar report by Quokka revealed over 35,000 unique Google API keys embedded across 250,000 Android apps.
The risks extend beyond potential cost abuse. Organizations must consider the broader implications of AI-enabled endpoints interacting with prompts, generated content, and cloud services, which can significantly alter the risk profile associated with these keys.
Google’s Response and Recommendations
Google has acknowledged the issue and collaborated with researchers to resolve it. A spokesperson emphasized their commitment to user data protection and stated that proactive measures have been implemented to detect and block leaked API keys attempting to access the Gemini API.
While it’s unclear if these vulnerabilities have been exploited, a Reddit user recently reported an $82,314.44 charge due to a stolen Google Cloud API key. Users are advised to review their Google Cloud projects, verify AI-related API enablement, and rotate keys if necessary, focusing on older keys first, as they are more likely to have been publicly exposed.
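One way to carry out that review on a project you own, as an added example (not code from Truffle Security or Google): it takes the key list in the JSON shape that `gcloud services api-keys list --format=json` returns, which is an assumption about the input, and reports every key that can reach the Gemini API, oldest first. The sample keys, project number and enabled-service set are constructed.

```python
import json
from datetime import datetime

GEMINI_SERVICE = "generativelanguage.googleapis.com"  # Gemini API service name

# Constructed sample in the shape of `gcloud services api-keys list --format=json`
# (assumed input); key names, display names and dates are invented.
SAMPLE_KEYS = json.loads("""[
 {"name": "projects/123/locations/global/keys/k1", "displayName": "Maps embed",
  "createTime": "2019-04-02T10:00:00Z"},
 {"name": "projects/123/locations/global/keys/k2", "displayName": "Maps (restricted)",
  "createTime": "2024-06-11T08:30:00Z",
  "restrictions": {"apiTargets": [{"service": "maps-backend.googleapis.com"}]}},
 {"name": "projects/123/locations/global/keys/k3", "displayName": "Gemini server key",
  "createTime": "2025-01-20T12:00:00Z",
  "restrictions": {"apiTargets": [{"service": "generativelanguage.googleapis.com"}]}},
 {"name": "projects/123/locations/global/keys/k4", "displayName": "Legacy browser key",
  "createTime": "2021-09-15T09:00:00Z",
  "restrictions": {"browserKeyRestrictions": {"allowedReferrers": ["https://example.com/*"]}}}
]""")

def gemini_reachable_keys(keys, enabled_services):
    """Return (created, display name, reason) for keys that can call Gemini, oldest first."""
    if GEMINI_SERVICE not in enabled_services:
        return []  # Gemini API not enabled on the project, so no key reaches it
    findings = []
    for key in keys:
        # Only apiTargets limits which APIs a key may call; referrer, IP or app
        # restrictions limit where it may be used from, not what it can reach.
        targets = (key.get("restrictions") or {}).get("apiTargets") or []
        if not targets:
            reason = "no API restrictions: valid for every enabled API"
        elif any(t.get("service") == GEMINI_SERVICE for t in targets):
            reason = "API restrictions explicitly include Gemini"
        else:
            continue  # restricted to other services only
        created = datetime.fromisoformat(key["createTime"].replace("Z", "+00:00"))
        findings.append((created, key.get("displayName") or key["name"], reason))
    return sorted(findings)  # oldest first, matching the advice to rotate older keys first

if __name__ == "__main__":
    enabled = {"maps-backend.googleapis.com", GEMINI_SERVICE}  # constructed project state
    for created, name, reason in gemini_reachable_keys(SAMPLE_KEYS, enabled):
        print(f"{created:%Y-%m-%d}  {name}: {reason}")
```

A key that appears in the output and is also embedded in client-side code is the first candidate for rotation and for an API restriction limited to the services it actually needs.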
Security experts emphasize the need for continuous security testing and vulnerability assessments. APIs, particularly those integrated with AI, require careful behavior profiling and anomaly detection to mitigate risks associated with changes in their operations or data access capabilities.
