Full Report
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix "AIza") embedded in client-side code to provide Google-related services like
Analysis Summary
# Vulnerability: Exposed Google Cloud API Keys Grant Unauthorized Access to Gemini Endpoints
## CVE Details
- CVE ID: Not explicitly assigned in the provided text segment.
- CVSS Score: Not explicitly provided.
- CWE: Likely related to CWE-311 (Missing Encryption of Sensitive Data) or CWE-1164 (Secrets Exposed in Code) based on the nature of the exposure.
## Affected Systems
- Products: Google Cloud Projects utilizing API Keys (identified by prefix "AIza") with the Generative Language API (Gemini API) enabled.
- Versions: Any project configuration where existing, publicly exposed API keys have the Gemini API subsequently enabled.
- Configurations: Projects where API keys are deployed in client-side code (e.g., JavaScript) and default key creation settings ("Unrestricted") are active, granting access to all enabled APIs including Gemini.
## Vulnerability Description
Google Cloud API keys, intended primarily for billing identification and typically deployed publicly (e.g., embedded in client-side website code), have been found to automatically gain authentication privileges for sensitive Gemini API endpoints once the Generative Language API is enabled in the associated Google Cloud project. This occurs because existing keys retain their access scope, and newly created keys often default to "Unrestricted," covering all active APIs. An attacker can scrape these publicly exposed keys and use them to make Gemini API calls, access sensitive endpoints like `/files` and `/cachedContents`, and incur usage costs on the victim's account.
## Exploitation
- Status: Exploitation potential is high; one unverified report suggests significant financial exploitation occurred ($82k in charges). Public discovery of 2,863 live keys suggests widespread exposure. PoC is implicitly available via simple API calls using the scraped keys.
- Complexity: Low (Requires only scraping publicly accessible client-side code and making authenticated API requests).
- Attack Vector: Network (External access via the internet).
## Impact
- Confidentiality: High (Potential access to uploaded files and cached data via specific endpoints).
- Integrity: Medium (Ability to perform actions or modify data accessible by the key permissions).
- Availability: Low (No direct impact on service availability, but potential for quota exhaustion leading to denial of service for legitimate use).
## Remediation
### Patches
- Google has implemented **proactive measures to detect and block leaked API keys** attempting to access the Gemini API. (Specific patch versions/updates are not detailed.)
### Workarounds
1. **Identify and rotate** any API keys found exposed in client-side code, public repositories, or configuration files, starting with the oldest keys first.
2. Review Google Cloud projects and **verify if AI-related APIs are enabled.**
3. **Restrict API Key Scope:** Do not use keys with "Unrestricted" access if they must be deployed outside secure backends; explicitly limit keys to only the services absolutely required.
## Detection
- Indicators of compromise: Unexpected high usage in the Gemini API dashboard, or API calls originating from unknown sources targeting endpoints like `/files` or `/cachedContents` using exposed "AIza..." keys.
- Detection methods and tools: Security scanning tools capable of detecting secrets in client-side code or source code repositories (as utilized by Truffle Security and Quokka). Monitoring Cloud Audit Logs and Billing Alerts for unexpected API usage spikes, particularly related to the Gemini service.
## References
- Truffle Security Blog: hxxps://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules
- Related findings (Mobile Apps): hxxps://www.quokka.io/blog/google-gemini-api-key-mobile-app-security-risk
- User Claim of Abuse: hxxps://www.reddit.com/r/googlecloud/comments/1reqtvi/82000_in_48_hours_from_stolen_gemini_api_key_my/