Massive AI Key Leaks in iOS Apps: Study Reveals Urgent Security Flaws Affecting Developers
June 30, 2026
Leaks occurred due to plaintext keys, missing keys, or replayable tokens, allowing attackers to misuse developers' paid AI accounts.
The article notes that the study's scope was limited by late-2025 US App Store policies, implying the two-thirds figure is a conservative floor and the real rate may be higher.
A Wake Forest University study of 444 iOS AI chatbot apps found that 282 (nearly two-thirds) exposed paid AI access through network traffic.
The overall impact underscores the urgency for developers to stop embedding keys in apps and for providers and platforms to enforce safer integration practices.
After the researchers notified developers, only about 28% fixed the issue within three months, 23% of cases remained open or the developers became unreachable, and some tokens persisted unusually long (one token valid until 2125).
This work builds on prior research showing that insecure AI wiring patterns exist across Android and iOS ecosystems, with high financial risk from leaked credentials.
Leaks spanned at least ten AI providers, with OpenAI being the most commonly exposed; health and fitness apps had the highest leak rate, while finance and medical apps leaked nothing.
Recommended fixes include routing AI calls through a developer-controlled server that authenticates callers and revokes leaked keys, plus better labeling of unsafe client-side keys by AI providers and stronger app-store screening by Apple.
In 28% of plaintext-key cases, the captured data also exposed apps’ hidden system prompts, revealing internal instructions for AI assistants.
The study highlights LLMjacking, where stolen keys are used to access paid AI services, potentially incurring massive costs for developers.
Summary based on 1 source
Source

The Hacker News • Jun 30, 2026
282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study