Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
嗯,用户让我用中文总结这篇文章,控制在100字以内,而且不需要特定的开头。首先,我需要通读整篇文章,抓住主要信息。 文章讲的是Google Cloud的API密钥被滥用,用于访问敏感的Gemini端点和私有数据。Truffle Security发现了近3000个这样的密钥嵌入在客户端代码中。攻击者可以利用这些密钥访问上传的文件、缓存数据,并且消耗受害者的LLM使用额度,甚至导致巨额账单。 此外,创建新的API密钥默认是“无限制”的,意味着它们可以用于所有启用的API,包括Gemini。这导致了很多原本用于计费的密钥现在成了有效的Gemini凭证,暴露在互联网上。 Google已经采取措施检测和阻止泄露的密钥访问Gemini API。用户建议检查他们的API和服务,特别是AI相关的,并旋转密钥。 总结的时候要简洁明了,涵盖主要问题、影响和建议措施。控制在100字以内的话,可能需要精简到关键点:Google Cloud API密钥被滥用,导致敏感数据和费用风险,用户需检查和更新密钥。 </think> Google Cloud API 密钥被滥用可访问敏感 Gemini 端点和私有数据。Truffle Security 发现 2,863 个暴露在互联网上的 API 密钥,默认无限制且可用于 Gemini API。攻击者可利用这些密钥访问文件、缓存数据并消耗 LLM 额度,甚至导致巨额账单。Google 已采取措施检测和阻止泄露密钥。建议用户检查 API 和服务,并及时更新密钥以降低风险。 2026-2-28 09:56:0 Author: thehackernews.com(查看原文) 阅读量:5 收藏

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data.

The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix "AIza") embedded in client-side code to provide Google-related services like embedded maps on websites.

"With a valid key, an attacker can access uploaded files, cached data, and charge LLM-usage to your account," security researcher Joe Leon said, adding the keys "now also authenticate to Gemini even though they were never intended for it."

The problem occurs when users enable the Gemini API on a Google Cloud project (i.e., Generative Language API), causing the existing API keys in that project, including those accessible via the website JavaScript code, to gain surreptitious access to Gemini endpoints without any warning or notice.

This effectively allows any attacker who scrapes websites to get hold of such API keys and use them for nefarious purposes and quota theft, including accessing sensitive files via the /files and /cachedContents endpoints, as well as making Gemini API calls, racking up huge bills for the victims.

In addition, Truffle Security found that creating a new API key in Google Cloud defaults to "Unrestricted," meaning it's applicable for every enabled API in the project, including Gemini.

"The result: thousands of API keys that were deployed as benign billing tokens are now live Gemini credentials sitting on the public internet," Leon said. In all, the company said it found 2,863 live keys accessible on the public internet, including a website associated with Google.

The disclosure comes as Quokka published a similar report, finding over 35,000 unique Google API keys embedded in its scan of 250,000 Android apps.

"Beyond potential cost abuse through automated LLM requests, organizations must also consider how AI-enabled endpoints might interact with prompts, generated content, or connected cloud services in ways that expand the blast radius of a compromised key," the mobile security company said.

"Even if no direct customer data is accessible, the combination of inference access, quota consumption, and possible integration with broader Google Cloud resources creates a risk profile that is materially different from the original billing-identifier model developers relied upon."

Although the behavior was initially deemed intended, Google has since stepped in to address the problem.

"We are aware of this report and have worked with the researchers to address the issue," A Google spokesperson told The Hacker News via email. "Protecting our users' data and infrastructure is our top priority. We have already implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API."

It's currently not known if this issue was ever exploited in the wild. However, in a Reddit post published two days ago, a user claimed a "stolen" Google Cloud API Key resulted in $82,314.44 in charges between February 11 and 12, 2026, up from a regular spend of $180 per month.

We have reached out to Google for further comment, and we will update the story if we hear back.

Users who have set up Google Cloud projects are advised to check their APIs and services, and verify if artificial intelligence (AI)-related APIs are enabled. If they are enabled and publicly accessible (either in client-side JavaScript or checked into a public repository), make sure the keys are rotated.

"Start with your oldest keys first," Truffle Security said. "Those are the most likely to have been deployed publicly under the old guidance that API keys are safe to share, and then retroactively gained Gemini privileges when someone on your team enabled the API."

"This is a great example of how risk is dynamic, and how APIs can be over-permissioned after the fact," Tim Erlin, security strategist at Wallarm, said in a statement. "Security testing, vulnerability scanning, and other assessments must be continuous."

"APIs are tricky in particular because changes in their operations or the data they can access aren't necessarily vulnerabilities, but they can directly increase risk. The adoption of AI running on these APIs, and using them, only accelerates the problem. Finding vulnerabilities isn't really enough for APIs. Organizations have to profile behavior and data access, identifying anomalies and actively blocking malicious activity."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


文章来源: https://thehackernews.com/2026/02/thousands-of-public-google-cloud-api.html
如有侵权请联系:admin#unsafe.sh