This work exposes a critical security flaw in the shot-based billing model of cloud quantum computing services: leveraging mid-circuit measurement and conditional reset—natively supported on real hardware—adversaries can circumvent per-shot billing constraints to execute multiple independent quantum circuits in parallel within a single shot. We systematically identify and empirically validate this vulnerability for the first time, proposing a novel attack framework that integrates dynamic control flow, circuit stitching, and conditional reset. We demonstrate the attack on IBM Quantum, achieving up to 10 concurrent circuits per shot and reducing theoretical billing costs by up to 900%. Our findings reveal a fundamental blind spot in existing billing mechanisms under quantum control-flow semantics. Beyond exposing this design weakness, our work has prompted multiple cloud providers to revise their billing policies and provides both theoretical foundations and practical blueprints for developing secure, yet usable, next-generation quantum cloud billing frameworks.

This work presents the first thorough exploration of how reset operations in cloud-based quantum computers could be exploited to run quantum circuits for free. This forms a new type of attack on the economics of cloud-based quantum computers. All major quantum computing companies today offer access to their hardware through some type of cloud-based service. Due to the noisy nature of quantum computers, a quantum circuit is run many times to collect the output statistics, and each run is called a shot. The fees users pay for access to the machines typically depend on the number of these shots of a quantum circuit that are executed. Per-shot pricing is a clean and straightforward approach as users are charged a small fee for each shot of their circuit. This work demonstrates that per-shot pricing can be exploited to get circuits to run for free when users abuse recently implemented mid-circuit qubit measurement and reset operations. Through evaluation on real, cloud-based quantum computers this work shows how multiple circuits can be executed together within a shot, by separating each user circuit by set of reset operations and submitting all the circuits, and reset operations, as one larger circuit. As a result, the user is charged per-shot pricing, even though inside each shot are multiple circuits. Total per-shot cost to run certain circuits could be reduced by up to $900$% using methods proposed in this work, leading to significant financial losses to quantum computing companies. To address this novel finding, this work proposes a clear approach for how users should be charged for their execution, while maintaining the flexibility and usability of the mid-circuit measurement and reset~operations.