The cryptocurrency market has been the target of several kinds of attacks over the years, with malicious actors growing increasingly sophisticated with their methods. One comparatively novel method is the dusting attack, which involves sending tiny amounts to sometimes hundreds of thousands of wallets.
The attacker does not always have the intention of stealing funds, as we shall see. As far as attacks go, it is not the worst one when it comes to financial consequences, but it does have other implications.
In this article, we will cover what a dusting attack is, how it is carried out, and any concerns you should have about it.
Defining a Dusting Attack
In the language of crypto, the word dust refers to a very small amount of coins or tokens. When using bitcoin as an example, the smallest unit of the BTC is 1 satoshi (0.00000001 BTC), so dust could be equal to a few hundred satoshis. Receiving anywhere from a couple of sats to a few hundred sats means that you are the victim of a dusting attack.
A dusting attack is an offensive method used to deanonymize and break the privacy of cryptocurrency users by sending small amounts of crypto to their wallets. The amount of tokens sent is so small that they are barely noticeable. Oftentimes malicious actors will send the same crypto that is already stored in a wallet. Otherwise, it is also common to see token transfers that involve cryptocurrencies with low blockchain network fees.
Do keep in mind that not all dust is the product of a dusting attack. When trading or exchanging tokens, it is common to leave behind the smallest denomination of any token after the trade is executed. So if you find crypto dust of a recently traded token, it is more likely for it to be a byproduct of a trade rather than an attack.
Luckily for everyone, most exchanges have the option to convert dust. As dust cannot be traded since exchanges have a minimum trading size requirement, dust conversion is the easiest way to get rid of small balances.
How does dusting attack work?
The fact is that dust is unnoticeable and that it cannot be traded. Malicious actors exploit that fact by sending dust to different addresses in order to ‘track them.’ However, the ultimate goal is to analyze all addresses that received dust and connect the dots by identifying which ones belong to the same wallet.
The attackers know that most cryptocurrency users don’t really notice small changes in their balances, so they monitor the outflow of these trace amounts whenever it occurs. They then use social engineering to try to discover the individual’s identity — and then blackmail them, possibly. That is the true threat of the dusting attack. But it is what follows that could prove to be harmful.
The trace amounts sent can help attackers monitor the activity of a particular wallet. Then, they use it in phishing attacks. By doing so, it is possible to track down a person’s identity. This is generally done by discovering small details that are relevant to the target’s identity or by using the original information to blackmail and extort users. This seems to be the intended purpose of a dusting attack.
Dusting attacks
One of the most notable attempts of a dusting attack happened in 2019. It saw hundreds of thousands of dust transactions made on the Litecoin network. Later, the source of the attack was quickly identified as a group that was advertising their Litecoin mining pool. No harm was caused, but it became apparent that this could serve a malicious purpose.
Bitcoin also experienced the same attack in 2018. Thousands of wallets received 888 satoshi. It was later discovered to be from BestMixed, a crypto mixer platform that, again, was advertising its platform.
As of this writing, no major consequences of dusting attacks are yet to be reported. But then again, following up on such an attack is not easy, so it may very well be that some users have fallen prey to dusting attacks. It’s certainly something you want to avoid dismissing too easily.
These incidents drew attention to the negative consequences of dusting attacks — but there are some ways to avoid the worst of the attack. With these methods, you can prevent these attacks or at least avoid the consequences.
How to detect dusting attacks?
Dusting attacks exist because some users ignore the tiny transactions in their crypto portfolio. Some wallet owners mistaken dust as interests on holdings, freebies from their exchanges, or airdrops. Here are three typical signs of a dusting attack.
Nano-amounts in digital wallets
As we have mentioned, minuscule amounts of crypto may land in wallets for legit reasons. You can confirm a dust attack by regularly checking your transaction history.
Phishing attacks or blackmailing
Suppose you have missed the infiltration, so the hackers have your personal data and IP. You can still detect other telltale signs like an influx of spam emails. In more serious cases, the holder’s data may be used for blackmail and extortion.
Links to a dubious site
In October 2020, Binance users received tiny amounts of BNB. Unsuspecting users consolidated the dust with their own funds. Afterward, they received a confirmation memo with a link to malware in an enticing offer.
How to avoid dusting attacks?
Fortunately, it’s unlikely that you’ll ever be subject to a dusting attack. The best solution is to avoid any dust transaction — these amounts are untraceable unless used.
If ever you receive a dust, just don’t use the amount to trade or transfer funds. Report these unrecognized amounts and unspent transaction outputs (UTXO) on your crypto platforms. And because many exchanges offer the convert to dust option, you can simply convert the dust amount to your preferred crypto. That’s it — you don’t have to worry about potentially identity theft using social engineering.
You could also use a hierarchical-deterministic wallet, which creates a new address for each transaction you make. Of course, not all of these options are beginner-friendly, which is why it may be better to use an exchange that offers the option to convert dust.
Never click on any links accompanying suspicious transactions. Using a VPN will prevent anyone from detecting your IP address. You can move the funds you HODL to a hardware wallet, so they are disconnected from the blockchain. However, hardware wallets have their own risks.
Most digital wallets consolidate address balances automatically when a transaction is launched. Others let users mark specific UTXOs and exclude them from the aggregation.
If you take these steps, you shouldn’t have much to worry about when it comes to dusting attacks. They don’t happen so often that you have to worry about your particular address being a target.
Final Thoughts
Legit and malevolent actors use dusting to identify wallet holders. In case of cybercrime, the rest boils down to social engineering, not technical exploits. Compared to clipping and switching, dusting is a minor concern. For the majority of users, it is merely a nuisance.
Unless you are a whale or live in a highly criminal area, simple precautions are enough. In case of suspicions, contact your security team — wallets and exchanges are adding new measures to combat dusting. Educate yourself about social engineering methods, and scammers won’t have a chance. Our in-depth overview of other crypto scams is coming soon, so stay tuned!
