'$15K bill destroyed a solo developer’s startup': How hackers are using leaked Google API keys to ‘go wild’ with Gemini AI for free
News by Efosa Udinmwen, published 11 April 2026

Hackers exploit Google API keys to make Gemini AI run wild

Frustrated Computer User (Image credit: Shutterstock)
  • Exposed Google API keys allow attackers to run unlimited Gemini AI requests
  • Developers experience severe financial losses due to unauthorized access to AI infrastructure
  • Hardcoded credentials elevate public identifiers into active authentication tokens for Gemini AI

Developers are facing severe consequences as exposed Google API keys are exploited to access Gemini AI without authorization, leading to significant financial losses, experts have warned.

Security researchers from CloudSEK found that the root cause of these incidents lies in the unintended elevation of publicly available API keys into live Gemini AI credentials.

Many developers have long embedded keys for services like Maps or Firebase in public-facing applications, following Google’s official guidance, never anticipating that these same keys would also grant access to the AI infrastructure.

Elevation of publicly available API keys is the root cause

One case involved a solo developer whose startup nearly collapsed after an attacker used a publicly accessible key to flood Gemini AI with inference requests.

The developer revoked the key within minutes of receiving a billing alert, yet due to a reporting lag in Google Cloud’s billing system, the charges had already reached $15,400.

Similarly, a Japanese company experienced approximately $128,000 in unauthorized Gemini API usage, despite firewall-level IP restrictions.

Also, a small development team in Mexico saw an $82,314 spike in only 48 hours, a dramatic 455-fold increase over its typical spending.

“This issue does not stem from developer negligence; the implementations were compliant with Google’s prescribed guidelines,” said Tuhin Bose, cybersecurity researcher at CloudSEK.

He explained the architecture effectively converted non-sensitive identifiers into authentication tokens, creating a systemic vulnerability across numerous applications.

CloudSEK’s research identified 32 exposed Google API keys across 22 Android applications with a combined install base exceeding 500 million users.

The affected apps include household names such as OYO Hotel Booking App, Google Pay for Business, Taobao, and ELSA Speak.

Researchers confirmed data exposure in ELSA Speak when they accessed user-submitted audio files via the Gemini Files API.

The vulnerability allows attackers to perform unlimited Gemini API calls, access sensitive user data, and exhaust organizational API quotas.

It can also persist through app update cycles, severely impacting both developers and end users.

Developers who had followed Google’s guidance now unknowingly hold live credentials to powerful AI tools without notification or opt-in prompts.

Technical measures such as revoking keys and restricting project permissions can mitigate exposure.
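An added example, not from the article or from CloudSEK: a small Python audit that scans decompiled app resources for hardcoded Google API keys and checks each key's API restrictions against the Gemini (Generative Language) API, which is the exposure path the article describes. The key pattern, the sample resources and the restriction table are constructed stand-ins; in practice the restriction data would be pulled from each key's settings in Google Cloud.

```python
import re

# Assumption: Google API keys of the "AIza..." form are 39 characters long; this is
# the pattern secret scanners commonly use, not something stated in the article.
GOOGLE_API_KEY_RE = re.compile(r"\bAIza[0-9A-Za-z_\-]{35}\b")

# Hostname of the Gemini API that the article says leaked keys were abused against.
GEMINI_API = "generativelanguage.googleapis.com"


def find_embedded_keys(text):
    """Return the distinct Google API keys hardcoded in one app resource file."""
    seen = []
    for key in GOOGLE_API_KEY_RE.findall(text):
        if key not in seen:
            seen.append(key)
    return seen


def audit_key(key, restrictions):
    """Classify a key by its API restrictions: restrictions[key] is the list of API
    hostnames the key may call, or None when no API restriction has been set."""
    allowed = restrictions.get(key)
    if allowed is None:
        return "unrestricted: can reach Gemini"
    if GEMINI_API in allowed:
        return "Gemini explicitly allowed"
    return "ok: Gemini not reachable"


def audit_resources(resources, restrictions):
    """Map every key found in the resource files to its audit verdict."""
    findings = {}
    for _path, text in resources.items():
        for key in find_embedded_keys(text):
            findings[key] = audit_key(key, restrictions)
    return findings


# Constructed sample: fake keys (built to the 39-character length) and fake files
# resembling what a decompiled Android app might contain.
MAPS_KEY = "AIza" + "SyFakeMapsKey" + "0" * 22
FIREBASE_KEY = "AIza" + "SyFakeFirebase" + "1" * 21
LOCKED_KEY = "AIza" + "SyFakeLockedDown" + "2" * 19
SAMPLE_RESOURCES = {
    "res/values/strings.xml": f'<string name="maps_key">{MAPS_KEY}</string>\n'
                              f'<string name="maps_key_copy">{MAPS_KEY}</string>',
    "assets/google-services.json": f'{{"api_key": [{{"current_key": "{FIREBASE_KEY}"}}]}}',
    "assets/config.json": f'{{"locked": "{LOCKED_KEY}"}}',
}
SAMPLE_RESTRICTIONS = {
    MAPS_KEY: None,                                          # never restricted
    FIREBASE_KEY: ["firebase.googleapis.com", GEMINI_API],   # Gemini allowed
    LOCKED_KEY: ["maps.googleapis.com"],                     # Maps only
}
```

Keys flagged as unrestricted or Gemini-enabled are the ones to revoke or restrict first, since anyone who pulls them out of the app can spend against the project's Gemini quota.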

However, the financial and operational impact on developers is substantial, suggesting that current practices for handling API keys and AI integrations require immediate reevaluation.

Exposure of hardcoded credentials demonstrates the risks inherent in assuming backward compatibility for modern AI-enabled cloud services.

Efosa Udinmwen, Freelance Journalist

Efosa has been writing about technology for over 7 years, initially driven by curiosity but now fueled by a strong passion for the field. He holds both a Master's and a PhD in sciences, which provided him with a solid foundation in analytical thinking.
