Researchers at TruffleSecurity found that API keys strewn across the Internet from simpler times are having unintended consequences for users and companies.
In the past, it was considered fine to embed API keys in public websites, because they were used for things like pulling up Google Maps locations to share with visitors.
Then Google released Gemini, and suddenly those same API keys could be used to call Gemini and reach the private Gemini data of the project that issued them. The reason is that a Google Cloud API key without API restrictions works for every API enabled on its project, so enabling Gemini on a project silently widened what every old key in that project could do. Even Google fell foul of this: some of its own API keys on public websites also had access to Gemini.
Because the Gemini API is also billed by usage, a bad actor who copied a key out of a web page could run up a bill of thousands of dollars a day by maxing out Gemini usage, on top of using the key to exfiltrate information.
According to the researchers, some of the keys belonged to major financial institutions, security companies, and recruiting firms. They reported the problem to Google, including samples of exposed keys from Google's own infrastructure.
In one case, an API key that was only meant to act as an identifier had been embedded in the page source of a Google product's public-facing website since at least February 2023.
The issue was reported to Google in November; in mid-January Google reluctantly acknowledged it as a "single-service privilege escalation".
Going forward, newly issued keys will be scoped to Gemini only by default, and older leaked keys will be blocked.
Developers should check whether Gemini (the Generative Language API) is enabled on their projects, audit every API key in their environment to determine whether any is publicly exposed, and rotate exposed keys immediately. Rotation alone is not enough for keys that must live in client-side code: restrict each key to the specific APIs it needs and, for browser keys, to the HTTP referrers that should use it, so that an unrelated API being enabled later does not widen what a leaked key can do.
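As an added example (not code from TruffleSecurity, Google, or the original article), the script below performs the audit described above from the outside in: it scans page source for Google API keys (the `AIza` prefix followed by 35 characters) and probes each one against the Generative Language API's public ListModels endpoint, treating HTTP 200 as "this key can reach Gemini". `SAMPLE_PAGE` and the `fake_fetch` stand-in are constructed for the example so it runs offline; `urllib_fetch` is the real network fetcher to use against keys you own or are authorised to test.

```python
"""Added example, not code from TruffleSecurity or Google: scan a page's
source for Google API keys and check whether each one can reach the Gemini
(Generative Language) API.  SAMPLE_PAGE and fake_fetch are constructed for
this example so it runs offline; urllib_fetch is the real network fetcher."""
import json
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Tuple

# Google API keys are 39 characters: literal "AIza" then 35 of [0-9A-Za-z_-].
# Lookarounds stop a match from bleeding into a longer token on either side.
GOOGLE_API_KEY_RE = re.compile(r"(?<![0-9A-Za-z_-])AIza[0-9A-Za-z_-]{35}(?![0-9A-Za-z_-])")

# Public ListModels endpoint of the Generative Language API.  A key that gets
# HTTP 200 here can call Gemini on behalf of the project that issued it.
GEMINI_MODELS_URL = "https://generativelanguage.googleapis.com/v1beta/models?key={key}"

Fetcher = Callable[[str], Tuple[int, str]]  # url -> (http_status, body)

# Constructed page source: a Maps embed and an inline config, plus a decoy
# "AIza..." token that is too short to be a key.
SAMPLE_PAGE = """
<script src="https://maps.googleapis.com/maps/api/js?key=AIzaSyB_maps-key-for-demo-0000000000000&callback=initMap"></script>
<div data-id="AIzaNotAKey"></div>
<script>const cfg = {apiKey: "AIzaSyA0123456789abcdefghijklmnopqrstuv"};</script>
"""


def find_api_keys(page_source: str) -> List[str]:
    """Return distinct Google-style API keys in order of first appearance."""
    keys: List[str] = []
    for match in GOOGLE_API_KEY_RE.finditer(page_source):
        if match.group(0) not in keys:
            keys.append(match.group(0))
    return keys


def redact(key: str) -> str:
    """Keep the prefix and last four characters so the audit log does not re-leak the key."""
    return f"{key[:6]}...{key[-4:]}"


def urllib_fetch(url: str) -> Tuple[int, str]:
    """Real fetcher: GET the URL and return (status, body) without raising on 4xx."""
    req = urllib.request.Request(url, headers={"User-Agent": "api-key-audit"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def fake_fetch(url: str) -> Tuple[int, str]:
    """Constructed offline stand-in: the Maps key 'reaches' Gemini, the other is denied."""
    if "maps-key-for-demo" in url:
        return 200, json.dumps({"models": [{"name": "models/a"}, {"name": "models/b"}]})
    return 403, json.dumps({"error": {"code": 403, "status": "PERMISSION_DENIED"}})


def probe_gemini(key: str, fetch: Fetcher = urllib_fetch) -> Dict[str, object]:
    """Classify one key: reachable (200), denied (400/403: invalid key, key
    restricted to other APIs, or Gemini not enabled on the project), or unknown."""
    status, body = fetch(GEMINI_MODELS_URL.format(key=key))
    result: Dict[str, object] = {"key": redact(key), "http": status, "models": 0}
    if status == 200:
        try:
            result["models"] = len(json.loads(body).get("models", []))
        except ValueError:
            pass
        result["status"] = "reachable"
    elif status in (400, 403):
        result["status"] = "denied"
    else:
        result["status"] = "unknown"
    return result


def audit_page(page_source: str, fetch: Fetcher = urllib_fetch) -> List[Dict[str, object]]:
    """Find every key in the page source and probe each one against Gemini."""
    return [probe_gemini(key, fetch) for key in find_api_keys(page_source)]


if __name__ == "__main__":
    for row in audit_page(SAMPLE_PAGE, fake_fetch):
        print(row)
```

The page-side scan only tells you which keys are exposed and what they can currently reach; the project-side half of the audit is `gcloud services list --enabled --project=PROJECT_ID` to see whether `generativelanguage.googleapis.com` is turned on, and `gcloud services api-keys list` to enumerate the keys that need restricting or rotating. Only probe keys you own or are authorised to test.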