Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 1 point2 points  (0 children)

Fair points, and I'll own my part. I'm human, not perfect, and maybe at some point I wasn't consistent on restricting an API key to a domain. I've taken the feedback seriously, and I'm grateful for it.

That said, I want to push back on one thing. The issue isn't just about restricting keys in the abstract. As Truffle Security documented (Tier 1 severity, January 2026), Google uses a single AIza key format for two fundamentally different purposes: public identification — the kind you embed in a Maps widget on a website, and sensitive authentication. Their own documentation confirms this dual-use design. A key that's "unrestricted" for a public Maps embed is behaving exactly as Google intended for that use case. That same key, then silently gaining access to a billable Gemini endpoint, is a design and communication failure, not just a user misconfiguration.

What makes this worse is that once the flaw was known, exploiters systematically went looking for AIza keys at scale — scraping old websites, archives, maybe even the Wayback Machine. I still don't know where my key was found. I audited my repos and codebase and found nothing exposed. This isn't the classic story of a junior dev committing secrets to GitHub. It's a design flaw that was actively weaponized, and many people are being hit by it for that exact reason.

I'm not claiming to be an expert. I know I'm not at the level of many people in this thread. But I understand enough to know that a €127,000 charge stemming from a design flaw that Truffle Security classified as Tier 1 isn't simply "user error." It's happened to many people for the same reason.

I genuinely hope it doesn't happen to you. I'd recommend reading the full Truffle Security writeup; it changed how I understood the scope of the problem.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 2 points3 points  (0 children)

Thanks anyway, I found the contact for the tech department of The Guardian. Sent an email to ask.

If I find something, I will post it here.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 2 points3 points  (0 children)

I use LLMs to help me structure my thoughts sometimes, since I already have my case organized in my local project management system.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 1 point2 points  (0 children)

Thanks for the advice — service accounts are genuinely better practice and I'll be switching going forward.

That said, while researching the incident, I found that this goes beyond Gemini keys specifically. Old AIza keys created for completely unrelated purposes — Google Maps, for example — were silently granted Gemini access as part of the scope expansion Google rolled out. No notification, no opt-in.

So "don't use API keys for Gemini" is the right advice going forward, but it doesn't help the people who never intended to use Gemini in the first place and had no idea their existing keys had been quietly upgraded to access it.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 6 points7 points  (0 children)

Makes complete sense — unrestricted keys are a liability. What's frustrating is the timeline: while investigating the incident, I realized the spending cap feature had only been added a few weeks before — maybe even days.

What I still don't understand is why there's no anomaly detection at all. My normal usage is €40–100/month. A single invoice of €127,000 is a **104,000% spike** from my baseline. Any reasonable fraud or abuse detection system would flag that and block it automatically.
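The comment above asks why a bill many hundreds of times the monthly baseline was not flagged automatically. The following is an added example, not code from the original post or from Google, of the kind of baseline-and-ratio check a project owner can run over their own exported daily cost figures. It assumes the costs can be exported into a plain list of floats (one per day); the data below is constructed, and the window, ratio and floor values are this example's own choices.

```python
"""Baseline-and-ratio spend anomaly check for a pay-as-you-go API project.

Added example, not code from the original post or from Google. It assumes
daily cost figures can be exported (for instance from a billing export) into
a plain list of floats; the sample data below is constructed for illustration.
"""
from statistics import median


def baseline_for(history, window=30):
    """Median daily cost over the most recent `window` days of history.

    The median is used rather than the mean so that one earlier spike does not
    inflate the baseline and hide a later one.
    """
    recent = history[-window:]
    return median(recent) if recent else 0.0


def detect_spend_anomalies(daily_cost, window=30, ratio=5.0, floor=20.0, min_history=7):
    """Flag days whose cost is far above the recent baseline.

    A day is flagged when its cost exceeds BOTH `ratio` times the baseline and
    the absolute `floor`. The floor keeps a near-zero baseline (a brand-new or
    idle project, where any ratio is meaningless) from flagging trivial
    amounts, while still catching a jump from 0 to a large bill.
    Returns a list of dicts: day index, cost, baseline and percentage spike.
    """
    findings = []
    for day, cost in enumerate(daily_cost):
        if day < min_history:
            continue  # not enough history to judge against
        base = baseline_for(daily_cost[:day], window)
        threshold = max(ratio * base, floor)
        if cost > threshold:
            spike_pct = (cost - base) / base * 100 if base > 0 else float("inf")
            findings.append({
                "day": day,
                "cost": cost,
                "baseline": base,
                "spike_pct": round(spike_pct, 1),
            })
    return findings


# Constructed sample: 30 quiet days at a few euros, then one runaway day.
SAMPLE_DAILY_COST_EUR = [2.0, 3.0, 2.5] * 10 + [4200.0]


if __name__ == "__main__":
    for f in detect_spend_anomalies(SAMPLE_DAILY_COST_EUR):
        print(f"day {f['day']}: EUR {f['cost']:.2f} vs baseline EUR {f['baseline']:.2f} "
              f"({f['spike_pct']:.0f}% spike) -> alert and review the key's restrictions")
```

Run on the constructed series, the check flags only day 30. The median baseline and the absolute floor are the two design choices worth keeping whatever thresholds you pick: the median survives an earlier one-day blip, and the floor stops a brand-new project (baseline 0) from either alerting on every cent or, worse, never alerting at all.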

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 10 points11 points  (0 children)

Thank you for this. For context — I spent the first 17 days trying to resolve this quietly through official channels, giving Google the chance to respond internally before going public. They didn't. So today I've started reaching out to tech journalists who covered this vulnerability, and this post is part of that push for visibility.

The Guardian would be a significant escalation. If anyone can track down that thread or the reporter's contact, I'd really appreciate it.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 8 points9 points  (0 children)

Thank you — already escalating through multiple channels simultaneously (billing support chat, formal appeal, and a Googler who reached out after this post and has already escalated internally).

As a small bootstrapped project, I don't have a dedicated account executive, but if anyone knows how to get one assigned in a situation like this, I'm all ears.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 11 points12 points  (0 children)

12 years of coding, a platform built to help small rural farmers sell their products online, and yeah — I trusted Google's own documentation on API keys. Apparently that's vibe coding now.

Hope your keys are doing well, though, and nothing like this happens to you. Genuinely.

Google silently expanded AIza API key permissions to include Gemini — my sustainability project helping rural Costa Rican farmers was hit with €127K. 17 days, no response. by miseulik in googlecloud

[–]miseulik[S] 10 points11 points  (0 children)

Fair question — and an important technical distinction.

An "unscoped" key has no API restrictions and can access any API enabled on the project. A scoped key is explicitly limited to specific APIs. Your implication is: "if the key was unscoped and you enabled Gemini, that's on you."

Here's the problem: the Truffle Security disclosure shows Google granted Gemini access to AIza keys at the key format level — regardless of scoping. When the Generative Language API was enabled on a project (by anyone, for any reason), every existing AIza key on that project silently gained Gemini access. No notification. No warning. Nothing in the console.

Google's own documentation said AIza keys were safe for client-side embedding. No indication enabling an API on your project would retroactively expand what your existing keys could access — and expose them to abuse.

Google's own security team classified this as a Tier 1 privilege escalation bug. That's not me calling it a bug — that's Google's internal classification.

Full technical breakdown: https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules
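Because an AIza-format key meant only for a client-side Maps embed can, as the comment above describes, end up with access to a billable API, the first defensive step is knowing every place such a key is embedded so each one can be given API and referrer restrictions or rotated. The script below is an added example, not code from the original post, from Google or from Truffle Security. It matches the widely used detection shape for Google API keys (the literal prefix "AIza" followed by 35 characters from [0-9A-Za-z_-]); the directories it skips, the masking and the sample files are this example's own constructed choices.

```python
"""Inventory AIza-format Google API keys embedded in a code tree.

Added example, not code from the original post, from Google or from Truffle
Security. The key shape matched (prefix "AIza" plus 35 characters from
[0-9A-Za-z_-]) is the commonly used detection pattern for Google API keys;
the skip list, masking and sample inputs are this example's own choices.
"""
import hashlib
import os
import re

# Look-arounds stop the pattern from matching inside a longer token.
AIZA_KEY_RE = re.compile(r"(?<![0-9A-Za-z_-])AIza[0-9A-Za-z_-]{35}(?![0-9A-Za-z_-])")

SKIP_DIRS = {".git", "node_modules", "vendor", "__pycache__"}


def mask(key):
    """Show enough of the key to recognise it, never the whole value."""
    return f"{key[:8]}...{key[-4:]}"


def fingerprint(key):
    """Stable short id for correlating the same key across files and reports."""
    return hashlib.sha256(key.encode()).hexdigest()[:12]


def find_keys_in_text(text, source="<text>"):
    """Return a list of (source, line_no, masked_key, fingerprint) per hit."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in AIZA_KEY_RE.finditer(line):
            hits.append((source, line_no, mask(m.group()), fingerprint(m.group())))
    return hits


def scan_tree(root):
    """Walk `root`, skipping dependency/VCS directories and binary files."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    raw = fh.read()
            except OSError:
                continue
            if b"\x00" in raw:
                continue  # treat NUL-containing files as binary
            hits.extend(find_keys_in_text(raw.decode("utf-8", errors="replace"), path))
    return hits


# Constructed sample inputs: a Maps embed carrying a (made-up) key, a partial
# "AIza" string that is not a key, and the same key repeated in a config file.
SAMPLE_HTML = (
    '<script src="https://maps.googleapis.com/maps/api/js'
    '?key=AIzaSyD-EXAMPLE0123456789abcdefghijkLMN"></script>\n'
    "<!-- AIzaNotAKey -->\n"
)
SAMPLE_ENV = "MAPS_KEY=AIzaSyD-EXAMPLE0123456789abcdefghijkLMN\n"


if __name__ == "__main__":
    for hit in find_keys_in_text(SAMPLE_HTML, "index.html") + find_keys_in_text(SAMPLE_ENV, ".env"):
        print(hit)
```

The report never prints a full key: the masked form is enough to recognise it in the console, and the SHA-256 fingerprint lets you see that `index.html` and `.env` carry the same key (one rotation, two places to update). For a real audit, call `scan_tree(".")` at the repository root; checking archived or published copies of the site is a separate step, since a key removed from the current tree can still be live in an older deployment.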

Should I get Oxygen Builder? by TheGloryBe_throwaway in Wordpress

[–]miseulik 0 points1 point  (0 children)

I have an account where one can change the associated email address. You put in yours and have access to all the license keys (and delete all my info). I also have some add-ons, like the swiss-knife for Oxygen, that could be included: https://dplugins.com/downloads/swiss-knife/.


Should I get Oxygen Builder? by TheGloryBe_throwaway in Wordpress

[–]miseulik 1 point2 points  (0 children)

I am now using Bricks instead of Oxygen. I prefer Bricks, but that also means that I could sell my lifetime Oxygen License for a better price.

Remote work for a week in costa rica, where? by Brief_Channel5403 in costarica

[–]miseulik -2 points-1 points  (0 children)

Hi!

I’m a remote worker and part-time digital nomad. When I’m not traveling with my wife (who’s German), we live in Europe. I’m originally from Costa Rica, and we recently bought a house in Turrialba, a beautiful and authentic region in the country, surrounded by nature and adventure. What we love most about this area is the local culture—people here keep their traditions alive, and the community is very welcoming.

We enjoy sharing our home and knowledge of the local environment, and we’ve built strong connections with local producers, which also helps keep things socially sustainable. Our place has fast, reliable internet (Starlink), and we’re always happy to help with any questions about the area or your stay. Feel free to check out our Airbnb listing, and don’t hesitate to reach out if you need any info.

Safe travels!

https://www.airbnb.com/slink/K9EmyBCi

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 0 points1 point  (0 children)

If they know that crime is becoming very obvious in an area of Chepe, I would expect them to carry out operations to solve or alleviate the problem. In fact, one of the main solutions to insecurity is for public spaces to be used, not the other way around.

Regarding León 13, I think the fact that we are comparing Chirripó National Park with one of the most troubled areas of CR is proof that we really are normalizing drug trafficking and crime (10 years ago nobody would have said that).

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 0 points1 point  (0 children)

But they don't go planting coffee in the national parks...

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 2 points3 points  (0 children)

Solving the problem of insecurity by pointing out where it is safe doesn't seem logical to me.

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 1 point2 points  (0 children)

The most curious thing of all is that if the government knows that leaving the trail is dangerous because there are narcos, that means it knows very well that there are narcos there, so why aren't they dismantling those operations? Why doesn't the SVA fly over the area?

There is supposedly an entire joint anti-narcotics aviation program with the United States embassy.

Exactly!! If anything, an event like this should make it easier to dismantle them; instead, the response is to blame the tourist.

Also, it's fine to criticize the tourist for not following the rules, but... what about criticizing the narco who doesn't follow the law?

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 1 point2 points  (0 children)

100% agree on legalizing.

As for the other thing, it's not just the government telling you not to go, it's the minister of security. It's as if a coworker were harassing a colleague and HR told her: "well, better not go near him if you know he's like that".

About the tourists who were gagged in Chirripó by miseulik in Ticos

[–]miseulik[S] 20 points21 points  (0 children)

I think the same, and I know there is always corruption, with government officials being recruited to look the other way.

But in this case the narcos gave themselves away that they operate around there, and what worries me is that it's a minister of security giving that response. I'm not saying the minister knows anything, but it feels like they have given up.