Google Cloud customer wakes up to $18,000+ bill despite $7 budget, thanks to forgotten API key in published project — attacker put in 60,000+ requests and blast

"The attacker didn't steal my key. They found a Cloud Run service I'd published from AI Studio months earlier, hit the public URL, and Google's own proxy signed every request on their behalf using the API key stored as a plaintext environment variable in the container," Davies wrote in his LinkedIn post. "Even though it was public, the link wasn't shared or indexed anywhere. By the time I got a budget alert the next morning, A$10,000 had already been charged to my credit card, which was by then returning insufficient funds. I was still talking to Google support when A$15,000 more came through." Worse, Google automatically upgraded the tier of Davies' account without any notification. The account was initially at Tier 2, which had a $2,000 limit, but Google automatically upgraded it to the next level when the account crossed the $1,000 threshold during the incident. This increased the cap to between $20,000 and $100,000. While the automatic upgrade is presumably meant to let a growing service scale without friction, it also removes the very cap that would have limited the damage when the spending is driven by an attacker rather than by legitimate growth.

Davies' headaches did not end there. It took several days before he was able to reach a real human in customer support. Thankfully, it seems that the charge has been waived, while the transactions that actually went through were credited back by his bank. Still, the issue isn't settled, and Davies has a meeting scheduled with Google managers to talk about the case.

Davies also shared the experience on Reddit, on the r/googlecloud subreddit, and asked if other users had similar stories to share. It turns out they did: several other users reported getting hit with enormous bills, including one commenter from Japan who said that they were hit with a $44,000 bill that ballooned to $128,000 even after they paused the API. And last month, we covered a case in which an API thief racked up $82,314.44 in charges on an account that typically saw around $180 per month.

Cybersecurity firm Truffle Security Co. has already highlighted the risks associated with Google Cloud using a single API key format. These API keys were previously used as project identifiers, but when the Gemini API is activated on any Google Cloud project, those existing API keys become Gemini credentials, allowing anyone who can copy them to rack up AI bills. So… it's likely we'll see more horror stories of shocking API bills if Google doesn't update its Gemini policies.
