
Technology

Google API Keys Remain Active Up to 23 Minutes After Deletion, Researchers Find

Saran K | May 22, 2026 | 4 min read

    The Window of Opportunity

    For a developer who realizes their Google API key has been leaked, the immediate instinct is to delete the credential to stop the bleeding. However, new research suggests that hitting the ‘delete’ button does not provide the instant protection most users assume. According to security researchers at Aikido, there is a substantial propagation delay where deleted keys remain usable across Google’s infrastructure for up to 23 minutes.

    This window is the problem: revocation is eventually consistent rather than immediate, and in the world of automated attacks 23 minutes is an eternity. An attacker holding a leaked key can use that time to exfiltrate sensitive data, dump files uploaded to Gemini, or trigger large compute bills before the deletion has propagated to every server in Google's global fleet.

    Measuring the Gap

    The findings come from a series of trials conducted by Aikido, in which researchers created API keys, deleted them immediately, and then kept polling Google's endpoints with requests authenticated by the deleted key. Joseph Leon, a security researcher at Aikido, noted that the revocation doesn't happen all at once; instead, it propagates gradually. While some servers reject the key almost instantly, others continue to accept it for up to 23 minutes, so an early rejection says nothing about whether the key is dead everywhere.

    The researchers repeated the test from three distinct regions, the US East Coast, Western Europe and Southeast Asia, using virtual machines as vantage points, since an attacker holding the key could be anywhere. Interestingly, the data suggested that VMs further from the US actually picked up the deletion faster, though Leon noted that Google's complex request routing makes it difficult to pinpoint the cause of this regional variance.
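    The measurement loop described above, written out as an added example (this is not Aikido's harness or Google code). The point it makes concrete is which number to record: the time of the last acceptance, not the first rejection, bounds the attacker's window, and the loop only stops once a run of consecutive rejections is long enough to rule out a slow replica still being reachable through the load balancer. The probe is injected, so the same loop drives a simulated fleet here (replica lag values are constructed to resemble the article's numbers, not measurements) and could drive a real endpoint through the assumed HTTP helper, which takes the key in the `x-goog-api-key` header as the Gemini REST API does.

```python
"""Measure how long a deleted API key keeps working, per vantage point.

Added example for this article; not Aikido's harness or Google code.
For each vantage point ("region") the loop records the time of the first
rejection and the time of the last acceptance after the key was deleted
at t=0 (virtual seconds). The LAST acceptance bounds an attacker's window:
revocation propagates replica by replica, so an early 401 does not mean
every backend has caught up.
"""
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Optional


@dataclass
class VantageResult:
    region: str
    first_reject: Optional[float] = None
    last_accept: Optional[float] = None
    consecutive_rejects: int = 0
    settled: bool = False


def measure_propagation(probe, regions, interval=1.0, settle=10, deadline=1800.0):
    """Poll every region each `interval` seconds of virtual time until each has
    produced `settle` consecutive rejections (or `deadline` is reached).

    probe(region, t) -> True if the deleted key was still accepted at time t.
    `settle` must exceed the number of distinct backends a request may be
    routed to; otherwise a run of replicas that revoked early ends the
    measurement while a slow replica is still accepting the key.
    """
    results = {r: VantageResult(r) for r in regions}
    t = 0.0
    while t <= deadline:
        still_probing = False
        for region in regions:
            res = results[region]
            if res.settled:
                continue
            if probe(region, t):
                res.last_accept = t
                res.consecutive_rejects = 0
            else:
                if res.first_reject is None:
                    res.first_reject = t
                res.consecutive_rejects += 1
                if res.consecutive_rejects >= settle:
                    res.settled = True
                    continue
            still_probing = True
        if not still_probing:
            break
        t += interval
    return results


class SimulatedFleet:
    """Constructed stand-in for a service whose replicas revoke the key at
    different times (seconds after deletion). Requests are routed
    round-robin, like a load balancer spreading traffic across backends."""

    def __init__(self, replica_lags):
        self.replica_lags = replica_lags          # region -> [lag_seconds, ...]
        self.counters = {r: 0 for r in replica_lags}

    def probe(self, region, t):
        lags = self.replica_lags[region]
        replica = self.counters[region] % len(lags)
        self.counters[region] += 1
        return t < lags[replica]                  # accepted until this replica revokes


def make_http_probe(url, key):
    """Probe a real endpoint from the machine this runs on (assumed: key sent
    in the x-goog-api-key header). 2xx = still accepted; 400/401/403 = rejected;
    anything else is re-raised so transient errors are not counted either way."""
    def probe(region, t):
        req = urllib.request.Request(url, headers={"x-goog-api-key": key})
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                return 200 <= resp.status < 300
        except urllib.error.HTTPError as e:
            if e.code in (400, 401, 403):
                return False
            raise
    return probe


def run_demo(settle=10):
    """Three vantage points, each routed across four replicas whose lags are
    made-up values loosely shaped like the article (US slowest, Asia fastest)."""
    fleet = SimulatedFleet({
        "us-east":      [5, 60, 600, 1380],   # 1380 s = 23 min
        "eu-west":      [2, 30, 300, 900],
        "ap-southeast": [1, 20, 200, 700],
    })
    results = measure_propagation(fleet.probe, list(fleet.replica_lags), settle=settle)
    return {r: (v.first_reject, v.last_accept, v.settled) for r, v in results.items()}


if __name__ == "__main__":
    for region, (first, last, settled) in run_demo().items():
        print(f"{region:13s} first reject {first:6.0f}s  last accept {last:6.0f}s  settled={settled}")
```

    With the default `settle=10` the simulated US vantage point reports its first rejection at 8 s but its last acceptance at 1379 s, the number that actually matters. Dropping `settle` to 3, fewer than the four replicas behind the balancer, ends the measurement during a run of early-revoking replicas and reports a last acceptance of 599 s, silently understating the window by more than half. Against a real endpoint the same loop needs real time between probes (the virtual clock is only what makes the demo instant).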

    The behaviour isn't limited to a single service. While the team focused heavily on Gemini API integration, they observed similar delays with keys scoped to BigQuery and Google Maps, which suggests a systemic property of how this type of API key is revoked rather than a quirk of one backend.

    Financial Fallout and ‘Auto-Upgrades’

    The security risk is compounded by Google’s billing architecture. In April, Google reworked its billing policy to include spending tiers. While presented as a way to manage costs, the system allows Google to automatically upgrade a user’s spending tier without explicit notification if usage spikes.

    For accounts with a history of spending over $1,000, a cap that was previously $250 can be automatically boosted to $100,000. For a malicious actor, this is a windfall. By utilizing high-resource models like Gemini’s video production tool Veo 3 or Nano Banana, attackers can rack up five-figure bills in a matter of minutes. Developers have reported frantic attempts to shut down projects while watching their costs climb by thousands of dollars in real-time, only to find that deleting the key doesn’t stop the charges immediately.

    The ‘Won’t Fix’ Response

    The most contentious part of the discovery is Google’s reaction to the report. Leon revealed that after presenting the findings to Google, the company closed the issue as “Won’t Fix (Infeasible).” According to the company, the delay in propagation is “working as intended.”

    This stance is surprising given that Google already revokes other credential types far faster. Service account credentials, for instance, propagate in about five seconds, and the newer "AQ"-format Gemini keys sync in roughly a minute. The existence of these faster paths suggests that a fix for the older API key format is technically possible but has been deemed a low priority.

    For now, developers are left in a position where the primary emergency mitigation, key deletion, cannot be relied on in the immediate aftermath of a leak. Practically, deletion should be treated as the start of containment rather than the end: the key has to be assumed live for at least another half hour, and billing and access logs watched over that period. While Google has issued refunds in some high-profile cases, the gap between deletion and effective revocation remains a potent tool for those looking to exploit the cloud.
