Empirical Study on LLM API Key Leakage in iOS Apps: 63% of Apps Have High-Risk Vulnerabilities

This article is the first systematic study on LLM API key leakage in iOS apps. It reveals that 63.5% of LLM-integrated iOS apps have exploitable key leaks, and 72% of these vulnerabilities remain unpatched three months after disclosure, involving over ten providers including OpenAI and Anthropic. The study uses the innovative LLMKeyLens dynamic analysis framework, filling the research gap in this field for the iOS platform, and points out that the problem stems from the lagging systematic security practices of developers, platforms, and providers.

The rapid integration of LLMs into mobile apps brings new security threats—API key leakage. Its economic costs include unauthorized use of paid services, abuse of model capabilities, data theft, and reputational damage. While there are numerous related studies on the Android platform, iOS lacks systematic analysis due to its closed nature, which this study fills.

The research team developed the LLMKeyLens framework, which enables dynamic analysis through network traffic interception, provider-specific extraction, and active validation of effectiveness—without requiring source code or binary decryption. The dataset selected 444 eligible iOS apps from 1092 candidates (explicitly integrating LLMs, downloadable and runnable, generating analyzable traffic).

63.5% of the 444 apps have exploitable key leaks, involving over ten providers. Three main patterns: 1. JWT token leakage (48%): client-side generation, excessive permissions, no expiration policy; 2. Unauthenticated backend proxy access (33%): open endpoints, no request validation, loose CORS; 3. Plaintext API key transmission (19%): HTTP transmission, URL parameter leakage, plaintext in request body.

After responsible disclosure to 282 vulnerable apps, only 28% were patched, and 72% remained unpatched. The main issues with unpatched apps: unauthenticated backends (insufficient developer security awareness, difficult architecture modification) and broken JWT implementations (requiring architectural redesign and synchronized client-server updates).

Developer level: insufficient security awareness (e.g., believing iOS binaries are hard to extract), misleading integration documentation; Platform level: lenient App Store review, no built-in protection mechanisms; Provider level: insufficient security guidance, lack of mobile-specific key management tools.

Developers: Do not hardcode keys (store in backend, dynamically obtain temporary tokens), implement proxy authentication, use JWT correctly; LLM providers: Provide mobile-specific SDKs, improve documentation examples, implement platform-level protection; App stores: Add security review items, establish vulnerability response mechanisms.