A new security study has revealed a major problem affecting AI-powered iPhone applications. Researchers from Wake Forest University found that 282 out of 444 iOS apps using large language model (LLM) features exposed sensitive API credentials or backend access during normal network communication. The issue was discovered after examining hundreds of AI-enabled apps across the Apple App Store. The findings show that insecure AI integration has become a widespread security concern.


The researchers developed a testing framework called LLMKeyLens to inspect how these applications communicate with AI services. Without needing the apps’ source code or decrypting their binaries, the framework intercepted network traffic and verified whether exposed credentials could actually be misused. The study confirmed that 64% of the tested applications leaked exploitable credentials. These leaks were found across at least ten different AI providers and multiple cloud platforms.

The study identified three main ways these credentials were exposed. The most common issue involved 136 apps leaking reusable JWT authentication tokens that could allow unauthorized access if intercepted. Another 92 applications exposed backend proxy services that accepted requests without proper authentication. The remaining 54 apps directly transmitted plaintext API keys to AI providers instead of protecting them on secure servers.


Researchers also found that 28 of the apps exposing plaintext API keys revealed their private AI system prompts at the same time. These prompts often contain business logic, custom instructions, or proprietary configurations that developers normally keep hidden. If attackers obtain both the API keys and system prompts, they may gain a deeper understanding of how the AI service operates. This increases both financial and security risks for developers.

The affected applications belonged to 13 different categories, including Productivity, Entertainment, Education, Lifestyle, Utilities, and Health & Fitness. Although Productivity apps had the highest number of vulnerable applications, the Health & Fitness category recorded the highest leakage rate overall. The problem was not limited to small developers either. Some vulnerable apps had more than 2.3 million user ratings, showing that even highly popular applications were affected.


The researchers explained that simply moving API keys from the mobile app to a backend server is not enough to ensure security. Many developers used backend proxy systems but failed to add proper authentication or authorization controls. As a result, attackers could still send requests through these backend services without permission. Weak token management and poorly protected backend infrastructure remained common problems throughout the study.
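As an added example (not code from the study, from LLMKeyLens, or from any of the apps examined), the following Python sketch contrasts the unauthenticated proxy pattern described above with a proxy that gates every request on a short-lived, audience-bound HS256 JWT, keeps both the provider API key and the system prompt on the server, and caps request size. The provider URL, key values, signing secret, token lifetime and the `send_upstream` stub are constructed placeholders, not real services or credentials.

```python
"""
LLM backend proxy: weak (no caller check) vs. hardened (signed, expiring tokens).
Added example; every constant below is a constructed placeholder.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Callable, Optional

# Server-side secrets. The app never receives either of these values.
PROVIDER_API_KEY = "PROVIDER-KEY-PLACEHOLDER"      # placeholder, not a real key
SYSTEM_PROMPT = "SYSTEM-PROMPT-PLACEHOLDER"        # kept here, not shipped in the app
TOKEN_SIGNING_SECRET = b"signing-secret-placeholder"
TOKEN_TTL_SECONDS = 300          # short-lived: an intercepted token soon stops working
EXPECTED_AUDIENCE = "llm-proxy"  # tokens minted for other services are rejected
MAX_PROMPT_CHARS = 4000          # per-request cap limits cost abuse


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_token(user_id: str, now: Optional[float] = None,
               audience: str = EXPECTED_AUDIENCE) -> str:
    """Issue an HS256 JWT bound to one user, one audience and a short expiry."""
    now = time.time() if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": user_id, "aud": audience,
              "iat": int(now), "exp": int(now) + TOKEN_TTL_SECONDS}
    signing_input = (_b64url(json.dumps(header, separators=(",", ":")).encode())
                     + "." + _b64url(json.dumps(claims, separators=(",", ":")).encode()))
    sig = hmac.new(TOKEN_SIGNING_SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_token(token: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the claims if signature, algorithm, audience and expiry all check out."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return None
    signing_input = parts[0] + "." + parts[1]
    try:
        header = json.loads(_b64url_decode(parts[0]))
        claims = json.loads(_b64url_decode(parts[1]))
        sig = _b64url_decode(parts[2])
    except ValueError:               # bad base64, bad JSON, bad UTF-8
        return None
    if header.get("alg") != "HS256":  # never let the token choose its own algorithm
        return None
    expected = hmac.new(TOKEN_SIGNING_SECRET, signing_input.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    if claims.get("aud") != EXPECTED_AUDIENCE or not isinstance(claims.get("exp"), int):
        return None
    if claims["exp"] <= now:
        return None
    return claims


def build_upstream_request(prompt: str) -> dict:
    """Shape of the call the proxy makes to the provider; key and system prompt added here."""
    return {"url": "https://llm-provider.example/v1/complete",  # constructed placeholder
            "headers": {"Authorization": f"Bearer {PROVIDER_API_KEY}"},
            "json": {"system": SYSTEM_PROMPT, "prompt": prompt}}


def _stub_send(upstream: dict) -> dict:
    """Stand-in for the real HTTPS call; returns a canned completion offline."""
    return {"completion": "stub completion for: " + upstream["json"]["prompt"]}


def weak_proxy(request: dict, send_upstream: Callable[[dict], dict] = _stub_send) -> dict:
    """The pattern the study flags: anyone who finds the endpoint can spend the key."""
    result = send_upstream(build_upstream_request(request["body"].get("prompt", "")))
    return {"status": 200, "completion": result["completion"]}


def hardened_proxy(request: dict, now: Optional[float] = None,
                   send_upstream: Callable[[dict], dict] = _stub_send) -> dict:
    """Gate every request on a valid token before the provider key is used."""
    auth = request.get("headers", {}).get("Authorization", "")
    if not auth.startswith("Bearer "):
        return {"status": 401, "error": "missing bearer token"}
    claims = verify_token(auth[len("Bearer "):], now)
    if claims is None:
        return {"status": 401, "error": "invalid or expired token"}
    prompt = request["body"].get("prompt", "")
    if len(prompt) > MAX_PROMPT_CHARS:
        return {"status": 413, "error": "prompt too long"}
    result = send_upstream(build_upstream_request(prompt))
    # Only the completion goes back to the app; the upstream request stays server-side.
    return {"status": 200, "user": claims["sub"], "completion": result["completion"]}
```

The token is minted only after the app's own user login, so the proxy can tie every provider call (and its cost) to an account; a captured token is useful for at most five minutes and only against this proxy. In a real deployment the signing secret and provider key would come from a secret manager rather than constants, and the gate would also apply per-user rate limits.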

After responsibly reporting the findings to the affected developers, the research team waited 90 days before testing the applications again. The follow-up analysis showed that only 28% of the vulnerable apps had successfully fixed the reported issues. Around 72% remained exploitable because developers either did not make changes or continued using insecure authentication methods. This highlights the slow pace of security improvements across many AI-powered iOS applications.


The researchers concluded that LLM API credential leakage is a widespread and persistent issue in the iOS ecosystem. They recommend stronger developer awareness, secure authentication practices, better backend protection, and clearer implementation guidance from AI service providers. The study also suggests that platform-level security checks could help detect these weaknesses before applications reach users. As AI continues to expand across mobile apps, protecting API credentials has become an essential part of application security.

Stay alert, and keep your security measures updated!
