
Google API Keys Remain Usable for 23 Minutes After Deletion

“We've identified a substantial window where an attacker with access to a leaked Google API key can continue to misuse that credential, after the user believes the key is revoked,” Joseph Leon, a security researcher with Aikido, told The Register.

Aikido's experiments: how long a deleted key keeps working

Aikido ran 10 trials over two days to measure how long Google API keys remain usable after deletion. In each trial researchers created an API key, deleted it, then sent three to five authenticated requests per second until responses stopped accepting the credential. The time between deletion and the point where requests failed varied, averaging 16 minutes and stretching to nearly 23 minutes in the worst case. Success rates during that window fluctuated dramatically; in some minutes over 90% of requests still authenticated, while in others fewer than 1% did.

Technical scope: APIs, regions, and propagation patterns

The tests used keys that had access to Gemini and to other Google Cloud Platform APIs including BigQuery and Maps. Aikido executed parallel requests from virtual machines in three Google Cloud regions — east coast US, western Europe, and southeast Asia — and spot-checked results on different dates. Researchers reported a consistent pattern: VMs further from the US picked up the deletion faster, an outcome the paper said is “the opposite of what you'd expect.” Aikido did not assert a definitive cause, but pointed to routing affinity, caching, or other regional infrastructure factors as likely drivers.

Risk beyond compute: billing spikes and data exposure

Joseph Leon warned that the damage from a usable-but-deleted API key is not limited to compute charges. If Gemini is enabled on the project, an attacker can “pull sensitive files uploaded to Gemini, and exfiltrate cached context.” The Register documented developers hit with five-figure bills after credentials were compromised. In three instances The Register brought to Google, the company issued refunds totaling $154,000. The February–May timeframe for testing is not named in the paper; the research and reporting focus on the mechanics and outcomes of post-deletion access.

Billing policy changes that magnify the attacker's payoff

The problem is compounded by a change to Google's billing policy that introduced spending tiers. For users who have been with Google more than 30 days and have spent over $1,000 lifetime, an account cap can automatically increase from $250 to $100,000 if usage spikes — a mechanism Aikido and The Register say can produce a windfall for crooks who obtain API keys. Attackers documented by The Register used Gemini models such as Nano Banana and the video model Veo 3, driving costs into five figures within minutes in reported cases.

Comparative revocation behavior and Google's response

Aikido contrasted the long propagation delay for standard Google API keys with faster revocation behavior elsewhere in Google's stack. The paper notes Google’s service account API credential revocations propagate in about five seconds, and Gemini's newer API key format (the one starting with AQ) takes roughly a minute. Those benchmarks, Leon wrote, “suggest this is technically solvable for Google API keys, too.”

After Aikido submitted its report, Google closed it with the status “Won't Fix (Infeasible)” and the comment, “the delay due to propagation of the deletion of these keys is working as intended,” according to Leon. The Register has reached out to Google about the research but had not received a response at the time of publication.

What this means for developers, cloud security teams, and adversaries

  • Developers: Rapid deletion of an exposed key is not an immediate kill switch; Aikido's tests show a measurable propagation window during which attackers can continue to operate and cause both data exfiltration and financial harm.
  • Cloud security teams and operations: The disparity between credential types — service accounts (≈5s), AQ Gemini keys (≈1min), and standard API keys (averaging 16min, up to 23min) — points to a need to inventory which key types grant sensitive access and adjust controls and monitoring accordingly.
  • Adversaries: The combination of a multi-minute revocation window and automatic spending-tier upgrades creates a predictable opportunity to maximize requests and charges while also attempting data extraction where Gemini is enabled.
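
The measurement Aikido describes (delete a key, keep sending authenticated requests, record when they stop succeeding and what fraction succeed each minute) is the same calculation a cloud security team can run over its own audit logs to detect a deleted credential that is still being accepted. The following is an added example, not Aikido's harness and not any Google API or log format: it assumes a constructed, simplified log with `DELETE` and `REQ` records (the format, the key ids and the timestamps are all invented for illustration) and derives the post-deletion window, the per-minute success rate, and an alert list from them.

```python
"""Added example: measure the post-deletion window from audit-style logs.

Assumed (constructed) log format, one record per line:
  DELETE <iso-timestamp> key=<key_id>
  REQ    <iso-timestamp> key=<key_id> status=<http status>
"""
from collections import defaultdict
from datetime import datetime
import re

LINE_RE = re.compile(r"^(DELETE|REQ)\s+(\S+)\s+key=(\S+)(?:\s+status=(\d{3}))?$")


def parse_line(line):
    """Parse one log line into a dict, or return None for unrecognised input."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    kind, ts, key, status = m.groups()
    return {"kind": kind, "ts": datetime.fromisoformat(ts), "key": key,
            "status": int(status) if status else None}


def analyze(lines):
    """Return {key_id: report} for every key that has a DELETE record.

    report keys: deleted_at, last_success_after_delete, window_seconds
    (0.0 if nothing succeeded after deletion) and per_minute, a mapping
    minute_index -> (successful, total) for requests made after deletion.
    """
    deleted_at = {}
    requests = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["kind"] == "DELETE":
            deleted_at[rec["key"]] = rec["ts"]
        else:
            requests[rec["key"]].append(rec)

    reports = {}
    for key, del_ts in deleted_at.items():
        per_minute = defaultdict(lambda: [0, 0])
        last_ok = None
        for rec in sorted(requests[key], key=lambda r: r["ts"]):
            if rec["ts"] < del_ts:
                continue  # use before deletion is legitimate, not counted
            minute = int((rec["ts"] - del_ts).total_seconds() // 60)
            per_minute[minute][1] += 1
            if rec["status"] == 200:
                per_minute[minute][0] += 1
                last_ok = rec["ts"]
        window = (last_ok - del_ts).total_seconds() if last_ok else 0.0
        reports[key] = {
            "deleted_at": del_ts,
            "last_success_after_delete": last_ok,
            "window_seconds": window,
            "per_minute": {m: tuple(v) for m, v in per_minute.items()},
        }
    return reports


def alerts(reports, grace_seconds=0):
    """Keys whose deleted credential still authenticated past a grace period."""
    return sorted(k for k, r in reports.items() if r["window_seconds"] > grace_seconds)


# Constructed sample log (not real data): K1 is deleted at 12:00:00 and is
# still accepted intermittently for about 2.5 minutes; K2 is rejected at once.
SAMPLE_LOG = """
REQ    2024-01-01T11:59:59 key=K1 status=200
DELETE 2024-01-01T12:00:00 key=K1
REQ    2024-01-01T12:00:10 key=K1 status=200
REQ    2024-01-01T12:00:20 key=K1 status=200
REQ    2024-01-01T12:00:30 key=K1 status=403
REQ    2024-01-01T12:01:15 key=K1 status=403
REQ    2024-01-01T12:01:45 key=K1 status=200
REQ    2024-01-01T12:02:30 key=K1 status=200
REQ    2024-01-01T12:03:05 key=K1 status=403
REQ    2024-01-01T12:04:00 key=K1 status=403
DELETE 2024-01-01T12:00:00 key=K2
REQ    2024-01-01T12:00:05 key=K2 status=403
""".strip().splitlines()

if __name__ == "__main__":
    reports = analyze(SAMPLE_LOG)
    for key, r in reports.items():
        print(key, "window_s=%.0f" % r["window_seconds"], r["per_minute"])
    print("alerts:", alerts(reports))
```

On the sample, K1 reports a 150-second window with minute-by-minute success rates of 2/3, 1/2, 1/1, 0/1, 0/1, which is the fluctuating pattern the article describes; K2 reports no post-deletion success. Setting `grace_seconds` to the propagation delay your provider documents (or the one you have measured) turns the alert list into a useful signal: a success well past that delay is a revoked credential still being used, and the accompanying request records show what was accessed.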

Google refunded $154,000 in the three incidents The Register highlighted, but the company told Aikido the lengthy propagation delay is “working as intended.” That leaves a narrow set of concrete facts: Aikido measured an average 16‑minute post-deletion window (peaking at 23 minutes); attackers can exploit that interval to rack up charges and, if Gemini is enabled, to pull files and cached context; and Google has declined to treat the finding as a fixable defect. The unresolved tension — substantial, demonstrable harm versus a vendor judgment that the behavior is acceptable at scale — is the clearest question this research leaves on the table.

Source: The Register — Threat hunters find Google API keys still usable 23 minutes after deletion