A recent cybersecurity report has raised significant concerns about the unintended exposure of advanced AI systems through widely used Android applications. According to a detailed study by CloudSEK, 22 popular apps—collectively installed over 500 million times—contain hardcoded Google API keys that could potentially be misused to access Google Gemini services.
To begin with, the research—powered by CloudSEK’s BeVigil security search engine—reveals how a long-standing development practice has gradually evolved into a major security vulnerability. Traditionally, developers treated API keys, especially those beginning with the “AIza” prefix, as non-sensitive identifiers. As a result, they often embedded these keys directly into publicly distributed applications.
However, the situation has changed dramatically. CloudSEK discovered that once the Gemini API is activated within a Google Cloud project, all previously generated API keys linked to that project automatically gain access to Gemini endpoints. Notably, this transition happens without any explicit warning or developer consent. Consequently, what were once harmless identifiers now function as gateways to powerful AI capabilities.
Furthermore, the report highlights that this issue is not limited to obscure applications. Instead, it affects widely used platforms across industries such as finance, travel, education, and productivity. Some of the impacted apps include OYO Hotel Booking App, Google Pay for Business, Taobao, apna Job Search App, ELSA Speak: AI English Learning, Shutterfly, and JioSphere Web Browser.
In one particularly alarming case, researchers successfully demonstrated real data exposure. By exploiting a hardcoded API key in the ELSA Speak app, they accessed the Gemini Files API and retrieved a list of user-uploaded audio recordings. This clearly illustrates the potential severity of the vulnerability.
Moreover, CloudSEK outlined several risks associated with such exposed keys. Attackers can view sensitive user data, including documents, images, and audio files. They can also generate excessive AI requests, leading to inflated billing costs, or overload API limits, disrupting services for legitimate users. Additionally, attackers may gain access to cached AI prompts and contextual data.
The financial implications are equally concerning. For instance, one independent developer reportedly lost $15,400 overnight due to unauthorized Gemini usage. Similarly, a Japanese company incurred losses of approximately $128,000, while a small Mexican team faced charges of $82,314 within just 48 hours.
Importantly, CloudSEK researcher Tuhin Bose emphasized that developers are not at fault. Instead, the root cause lies in backend design changes that transformed public API identifiers into sensitive AI credentials without adequate communication.
Ultimately, the report concludes that millions of devices may unknowingly run apps with active Gemini access, thereby creating a widespread and systemic cybersecurity risk.
Recommended Cyber Technology News:
- Meta Business Manager Misused in Large-Scale Phishing Attack
- Reply Joins Microsoft Agent 365 Launch for Enterprise AI Governance
- Cisco Talos Warns of React2Shell Credential Attacks
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
