What is LLMjacking?

Short answer

LLMjacking is the theft and resale of LLM API keys for unauthorized inference. In one documented case, abuse of a victim's Claude Opus access ran for 4.5 days at ~$50K. Premium-model abuse exceeds $100K/day.

The attacker steals an LLM API key (via a leaked .env file, a leaked .claude/ config, a Bitwarden CLI hijack, or an npm package leak), drops it into an open-source reverse proxy, and lists access at ~$30 on dark-web markets. The victim sees inference charges accumulating with no easy attribution.

Defense: spend caps at the vendor, per-key, and per-tenant levels. Securie's cost-firewall, secret_scanner, and secrets-lifecycle close the structural gap.
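
The layered caps described above, as an added example (not Securie's or any vendor's code): it replays constructed usage records and denies any request that would push a key, its tenant, or the whole account past its cap. The cap values, key IDs, and tenant names are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

# Assumed daily caps in USD; all names and values are constructed for illustration.
VENDOR_CAP = 250.0                                   # whole account
TENANT_CAPS = {"acme": 200.0, "beta": 100.0}         # per tenant
KEY_CAPS = {"key-a1": 150.0, "key-a2": 80.0, "key-b1": 100.0}  # per key

@dataclass
class Usage:
    key_id: str
    tenant: str
    cost_usd: float

def enforce_caps(events):
    """Replay usage in order and return (allowed, denied).

    A request is denied when accepting it would exceed the key, tenant or
    account cap. Unknown keys or tenants are denied (fail closed)."""
    key_spend, tenant_spend, total = defaultdict(float), defaultdict(float), 0.0
    allowed, denied = [], []
    for e in events:
        if e.key_id not in KEY_CAPS or e.tenant not in TENANT_CAPS:
            reason = "unknown key or tenant"
        elif key_spend[e.key_id] + e.cost_usd > KEY_CAPS[e.key_id]:
            reason = "per-key cap"
        elif tenant_spend[e.tenant] + e.cost_usd > TENANT_CAPS[e.tenant]:
            reason = "per-tenant cap"
        elif total + e.cost_usd > VENDOR_CAP:
            reason = "vendor cap"
        else:
            key_spend[e.key_id] += e.cost_usd
            tenant_spend[e.tenant] += e.cost_usd
            total += e.cost_usd
            allowed.append(e)
            continue
        denied.append((e, reason))  # denied spend is never counted
    return allowed, denied

# Constructed usage records: key-a1 behaves like a stolen key burning budget.
SAMPLE = [Usage("key-a1", "acme", 60), Usage("key-a1", "acme", 60),
          Usage("key-a1", "acme", 60), Usage("key-a2", "acme", 70),
          Usage("key-a1", "acme", 20), Usage("key-b1", "beta", 90),
          Usage("key-b1", "beta", 50), Usage("key-x", "acme", 5)]

if __name__ == "__main__":
    for e, why in enforce_caps(SAMPLE)[1]:
        print(f"DENY {e.key_id} ({e.tenant}) ${e.cost_usd:.0f}: {why}")
```

The per-key cap bounds the damage from one stolen key, while the tenant and vendor caps still hold when several keys are abused at once.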
