Crypto dusting attacks: what are they and how to avoid them?

Apr 27, 2023

·

6 min. read

What’s crypto dust?

Crypto dust refers to small amounts of cryptocurrency that are sent to a large number of wallet addresses for various purposes, benevolent or malicious.

Crypto dust is generally considered as the amount of cryptocurrency equal to or lower than a transaction fee. Bitcoin, for instance, has a dust limit of about 546 satoshis (0.00000546 BTC) - the smaller denomination of Bitcoin imposed by Bitcoin Core, the Bitcoin blockchain software.

Wallets that apply such a limit may reject transactions equal to or smaller than 546 satoshis. Dust can also be the small amount of cryptocurrency that remains after a trade due to rounding errors or transaction fees, which can accumulate over time. This small amount is not tradeable but can be converted into the exchange’s native token.Although crypto dust has mainly been used for legitimate purposes, such as alternative advertising methods to traditional mailshots, crypto users should know what a dust attack is and take measures to protect themselves in case of its occurrence.

What’s a crypto dusting attack?

A dusting attack is when small amounts of cryptocurrency, called dust, are sent to multiple wallet addresses by malicious actors. This is done to track the movement of funds between addresses and invade the privacy of owners.

The attacker's goal is not to steal cryptocurrency but to identify the victim through off-blockchain hacking. This can lead to elaborate phishing scams, cyber extortion threats, blackmail, or identity theft to make a profit.

Dusting attacks can occur in public blockchains like Bitcoin, Litecoin, and Dogecoin.

Are all dusting attacks scams?

Not all cryptocurrency dust transferred to a crypto wallet is for scamming. Dusting can have other purposes besides hacking.

Governments may use dusting techniques to link a cryptocurrency address to an individual or organization, identifying criminal activities like money laundering, tax evasion, or terrorist threats. Dusting also helps ensure regulatory compliance and safety.

Developers may use dusting to stress test their software, which involves testing beyond normal limits to determine the software's robustness, transaction processing speed, network scalability, and security protocols. This helps identify potential vulnerabilities in the software, allowing developers to improve its performance and security.

Crypto traders often receive dust resulting from trades, which is not an attack. Many exchanges offer customers the option to swap these small amounts of cryptocurrency for native tokens to use in future trades or another cryptocurrency with a low transaction fee.

How is it done?

Malicious actors exploit the fact that cryptocurrency users may not notice small amounts of cryptocurrency in their wallets in the same way you wouldn’t notice if a cent or penny was added to or went missing from your bank account.

Blockchains can track transactions, making it possible to identify wallet owners. To be effective, the attacker needs to combine the crypto dust with other funds (co-mingle) in the same wallet and use it for other transactions.

This ultimately ‘infects’ your wallet and if you accidentally send the dust to an off-blockchain centralized organization or exchange, you can become vulnerable to phishing, extortion, blackmail, and other targeted hacks.

UXTO-based cryptocurrency addresses are more vulnerable to dusting attacks. A UTXO-based address is a type of cryptocurrency address used in various blockchains, such as Bitcoin, Litecoin, and Dash. These blockchains generate a new address for leftover transaction change, and dusting attacks can therefore be more effective on UTXO-based addresses.

Crypto dust, like the change we get from a merchant when we spend money, can be used in other transactions later. But attackers can use advanced tools to trace a thread and determine the victim's identity by detecting the origins of funds from the dust attack transaction.

Yeah, but can my crypto be stolen by dusting?

Not directly — but hackers can use sophisticated tools to trick wallet holders into accessing phishing sites and draining their funds, bypassing traditional dusting attacks.

A dusting attack identifies individuals or groups behind wallets to deanonymize them and break their privacy. These attacks cannot directly steal cryptocurrency but aim to detect victims' social activities through the combination of different addresses, which can then be used for blackmail purposes.

Over time, attackers have become more sophisticated in disguising scam tokens as appealing free tokens, such as those claimed from popular NFT projects on phishing sites created by hackers that seem legitimate.

These phishing sites allow hackers to move funds and NFT assets to their wallets by granting them permission to access their wallets, stealing crypto using harmful lines of code in smart contracts.

Dusting attacks primarily occur on browser-based wallets, such as MetaMask and the Trust wallet, which are more accessible to the public and can be more easily targeted by hackers or scammers.

How to identify crypto dust attacks?

A clear indicator of a dusting attack on a wallet is the sudden appearance of small amounts of extra cryptocurrency that cannot be spent or withdrawn. The dusting attack transaction will appear in your wallet's transaction history and should be easy to verify.

Centralized exchanges present a significant vulnerability, too as they operate and comply with KYC and Anti-Money Laundering (AML) regulations which means they store customers' data, making them a possible target of such attacks. Another good reason to avoid centralized platforms.

In Oct 2020, Binance experienced a dusting attack where small amounts of BNB were sent to several wallets. When the victims combined the dust with their other funds, they received a transaction confirmation with a malware link. Once clicked, the victim was hacked.

After a dusting attack, cryptocurrency providers such as exchanges or wallets are usually encouraged to take strict measures to prevent future episodes.
In 2018, Samourai Wallet developers warned users of a dusting attack and asked them to mark UTXO as "Do Not Spend." To help prevent future attacks, the developers added a real-time dust-tracking alert and an easy "Do Not Spend" feature to prevent future attacks.

Can I prevent being dusted?

Although it is unlikely for cryptocurrency users to fall victim to dusting episodes, they should still take a few steps to protect themselves against such crypto attacks.

Due to high transaction fees, it's more expensive for a hacker to launch a crypto dusting attack than a few years ago. However, cryptocurrency users should take steps to secure their funds.

Dusting attacks rely on analyzing multiple addresses, so if a dust fund is not moved, attackers cannot track a transaction to make the connections needed to "deanonymize" wallets.

Simple measures like due diligence and education can go a long way in tackling wallet attacks. However, more elaborate and effective methods can be used to protect a wallet's funds:

  • Use Privacy Tools: The Onion Router (TOR) or a virtual private network (VPN) can increase anonymity and strengthen security.

  • Use Privacy Coins: Privacy coins like Monero, Zcash, and Dash are designed to protect the privacy of the users. These coins use advanced encryption techniques to ensure that the transactions remain private.

  • Use Multiple Wallets: Using multiple wallets can help in avoiding crypto dusting attacks. When you use multiple wallets, you reduce the risk of linking all your transactions to one wallet.

  • Use a Hierarchical Deterministic (HD) Wallet: to automatically create a new address for each new transaction, making it difficult for hackers to trace the thread of your transactions.

  • Use Dust Conversion Services: that automatically swap crypto dust into native tokens to use in future trades.

  • Be Cautious of Unknown Transactions: If you receive small amounts of cryptocurrency from unknown sources, be cautious. It could be a crypto dusting attack. Do not click on any links or respond to any messages.

  • Use KYT Address Verification Tools: to check that the address behind the dust deposit is not associated with illicit activities or criminality (Hint: Savl has KYT built-in)

To protect their funds, cryptocurrency users should guard against dusting and deanonymizing attacks. But they should also be aware of other cyber threats, such as ransomware, which is malware that prevents access to digital files until a ransom is paid.

Conclusion

Crypto dusting attacks are a new type of cyber-attack that can compromise the privacy of users. However, by following the tips mentioned above, you can reduce the risk of such attacks. Always be cautious of unknown transactions and use privacy coins to protect your privacy. Stay safe and enjoy investing in cryptocurrencies!

Unity Wallet © 2024, All Rights Reserved

Impressum

The software for the Unity Wallet mobile application is developed by the Developer. This Website www.unitywallet.com and the Unity Wallet mobile application are distributed and provided to the users of this website and/or of the Unity Wallet mobile application exclusively by the Content Provider, according to the Terms of Use and the Privacy Policy

Developer

SAVL GmbH, c/o Schwärzler Rechtsanwälte Attorneys, Baarerstr. 75, 6300 Zug, Canton of Zug, Switzerland

Content Provider (for the Website/App)

SAVL Limited, a company incorporated under the laws of Cayman Islands, with a registered office at 190 Elgin Avenue, George Town, Grand Cayman KY1-9001, Cayman Islands

Unity Wallet © 2024, All Rights Reserved

Impressum

The software for the Unity Wallet mobile application is developed by the Developer. This Website www.unitywallet.com and the Unity Wallet mobile application are distributed and provided to the users of this website and/or of the Unity Wallet mobile application exclusively by the Content Provider, according to the Terms of Use and the Privacy Policy

Developer

SAVL GmbH, c/o Schwärzler Rechtsanwälte Attorneys, Baarerstr. 75, 6300 Zug, Canton of Zug, Switzerland

Content Provider (for the Website/App)

SAVL Limited, a company incorporated under the laws of Cayman Islands, with a registered office at 190 Elgin Avenue, George Town, Grand Cayman KY1-9001, Cayman Islands

Unity Wallet © 2024, All Rights Reserved

Impressum

The software for the Unity Wallet mobile application is developed by the Developer. This Website www.unitywallet.com and the Unity Wallet mobile application are distributed and provided to the users of this website and/or of the Unity Wallet mobile application exclusively by the Content Provider, according to the Terms of Use and the Privacy Policy

Developer

SAVL GmbH, c/o Schwärzler Rechtsanwälte Attorneys, Baarerstr. 75, 6300 Zug, Canton of Zug, Switzerland

Content Provider (for the Website/App)

SAVL Limited, a company incorporated under the laws of Cayman Islands, with a registered office at 190 Elgin Avenue, George Town, Grand Cayman KY1-9001, Cayman Islands

Unity Wallet © 2024, All Rights Reserved

Impressum

The software for the Unity Wallet mobile application is developed by the Developer. This Website www.unitywallet.com and the Unity Wallet mobile application are distributed and provided to the users of this website and/or of the Unity Wallet mobile application exclusively by the Content Provider, according to the Terms of Use and the Privacy Policy

Developer

SAVL GmbH, c/o Schwärzler Rechtsanwälte Attorneys, Baarerstr. 75, 6300 Zug, Canton of Zug, Switzerland

Content Provider (for the Website/App)

SAVL Limited, a company incorporated under the laws of Cayman Islands, with a registered office at 190 Elgin Avenue, George Town, Grand Cayman KY1-9001, Cayman Islands