Thousands of Google Cloud API Keys Exposed via Gemini Access After API Enablement
A recent discovery by Truffle Security has revealed that nearly 3,000 Google Cloud API keys, typically used for billing purposes, have been inadvertently exposed to sensitive Gemini endpoints. This vulnerability has granted unauthorized access to private data, allowing attackers to upload files, access cached data, and accumulate charges on the victim’s account.
The Issue
The issue arises when a user enables the Gemini API on a Google Cloud project: every existing API key in that project silently gains access to the Gemini endpoints, with no warning or notice. An attacker who scrapes websites for leaked keys can then use them for malicious purposes, including quota theft and access to sensitive files.
Truffle Security found that creating a new API key in Google Cloud defaults to “Unrestricted,” making it applicable to every enabled API in the project, including Gemini. As a result, thousands of API keys that were initially deployed as benign billing tokens are now live Gemini credentials accessible on the public internet.
Consequences and Recommendations
The company identified 2,863 live keys accessible on the public internet, including a website associated with Google. This discovery comes on the heels of a similar report by Quokka, which found over 35,000 unique Google API keys embedded in its scan of 250,000 Android apps.
The potential consequences of this vulnerability are significant, as compromised API keys can lead to cost abuse, inference access, quota consumption, and integration with broader Google Cloud resources. This creates a risk profile that is materially different from the original billing-identifier model developers relied upon.
“This is a great example of how risk is dynamic, and how APIs can be over-permissioned after the fact,” said Tim Erlin, security strategist at Wallarm. “Finding vulnerabilities isn’t really enough for APIs. Organizations have to profile behavior and data access, identifying anomalies and actively blocking malicious activity.”
Google has since acknowledged the issue and worked with researchers to address the problem. The company has implemented proactive measures to detect and block leaked API keys attempting to access the Gemini API. However, it is currently unknown if this issue was ever exploited in the wild.
In a related incident, a user reported a “stolen” Google Cloud API Key resulting in $82,314.44 in charges between February 11 and 12, 2026. Users who have set up Google Cloud projects are advised to check their APIs and services, verify if AI-related APIs are enabled, and rotate their API keys, starting with the oldest ones first.
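One way to carry out the check the article recommends, as an added example that is not Truffle Security's or Google's code: it consumes the JSON that `gcloud services list --enabled --format=json` and `gcloud services api-keys list --format=json` produce, flags every key that can reach an AI API (unrestricted keys reach every enabled API), and orders the findings oldest first to match the rotation advice. The AI service names and the embedded sample documents are my assumptions and constructed input, not values from the page.

```python
"""Audit Google Cloud API keys for unintended Gemini exposure (offline, on gcloud JSON)."""
import json

# Assumption: service names of the Gemini Developer API and Vertex AI.
AI_SERVICES = {"generativelanguage.googleapis.com", "aiplatform.googleapis.com"}

# Constructed sample of `gcloud services list --enabled --format=json`.
SAMPLE_ENABLED = json.dumps([
    {"config": {"name": "maps-backend.googleapis.com"}},
    {"config": {"name": "generativelanguage.googleapis.com"}},
])

# Constructed sample of `gcloud services api-keys list --format=json`.
# A key with no restrictions.apiTargets is "Unrestricted" (the console default).
SAMPLE_KEYS = json.dumps([
    {"displayName": "billing-web", "createTime": "2021-03-04T10:00:00Z"},
    {"displayName": "maps-only", "createTime": "2023-01-01T00:00:00Z",
     "restrictions": {"apiTargets": [{"service": "maps-backend.googleapis.com"}]}},
    {"displayName": "gemini-bot", "createTime": "2025-06-01T00:00:00Z",
     "restrictions": {"apiTargets": [{"service": "generativelanguage.googleapis.com"}]}},
])


def key_reach(key, enabled):
    """Return the set of enabled services this key can call."""
    targets = key.get("restrictions", {}).get("apiTargets")
    if not targets:                      # unrestricted: valid for every enabled API
        return set(enabled)
    return {t["service"] for t in targets} & enabled


def audit(services_json, keys_json):
    """Return (enabled AI services, findings sorted oldest first)."""
    enabled = {s["config"]["name"] for s in json.loads(services_json)}
    findings = []
    for key in json.loads(keys_json):
        exposed = key_reach(key, enabled) & AI_SERVICES
        if exposed:
            findings.append({
                "name": key.get("displayName", "<unnamed>"),
                "created": key["createTime"],
                "unrestricted": not key.get("restrictions", {}).get("apiTargets"),
                "ai_services": sorted(exposed),
            })
    # RFC 3339 timestamps in the same format sort correctly as strings.
    findings.sort(key=lambda f: f["created"])
    return enabled & AI_SERVICES, findings


if __name__ == "__main__":
    ai_on, hits = audit(SAMPLE_ENABLED, SAMPLE_KEYS)
    print("AI APIs enabled:", sorted(ai_on))
    for h in hits:
        print(f"ROTATE {h['name']} (created {h['created']}, "
              f"unrestricted={h['unrestricted']}) reaches {h['ai_services']}")
```

Run it against real output by replacing the two sample strings with the files `gcloud` writes; the Vertex AI name only matters once that service is enabled in the project.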
Conclusion
This incident highlights the dynamic nature of risk and the need for continuous security testing, vulnerability scanning, and assessments. As APIs evolve and new technologies are adopted, organizations must profile behavior and data access, identifying anomalies and actively blocking malicious activity.
