The dusting or dust attack refers to a relatively new type of malicious activity, in which hackers and scammers try to violate the privacy of Bitcoin and cryptocurrency users by sending small amounts of coins to their personal wallets. Then the transactional activity of these portfolios is monitored by attackers who perform a combined analysis of several addresses as an attempt to identify the person or company behind each portfolio.
What is dust?
In the language of cryptocurrency, the term “dust” refers to a small number of coins or tokens, so small that most users do not even notice. Using Bitcoin as an example, the smallest unit of BTC currency is 1 Satoshi (0.00000001 BTC), so we can use the term “dust” to mean a couple of hundred sati.
In cryptocurrency exchanges, dust is also a name given to small amounts of coins that “remain blocked” on user accounts after the execution of trade orders. Dust budgets are not sold, but Binance users can convert them to BNB.
When it comes to Bitcoin, there is no official definition for dust attack, because each software implementation (or client) can take on different threshold values. The Bitcoin core defines dust as the output of any transaction is less than the commission for this transaction, which leads to the concept of dust restriction.
From a technical point of view, the dust limit is calculated based on the size of the inputs and outputs, which usually calculates 546 satoshi for normal Bitcoin transactions (not SegWit) and 294 satoshi for the segment’s own transactions. This means that any normal transaction equal to or less than 546 satoshi will be considered spam and is likely to be rejected by the check nodes.
Scammers have recently realized that cryptocurrency users do not pay special attention to these small amounts that appear in their portfolios, so they began to “clean” a large number of addresses by sending them a few Satoshi. After removing more addresses, the next step in the dust attack involves a combined analysis of these different addresses in an attempt to determine which of them belong to the same portfolio.
The goal is to finally be able to connect dusty addresses and portfolios to relevant companies or people. If successful, attackers can use this knowledge to achieve their goals, either through sophisticated phishing attacks or threats of cyber-extortion.
Dust attacks were originally performed using bitcoins, but they also occur with other cryptocurrencies running on a publicly accessible and traceable blockchain.
At the end of October 2018, Bitcoin’s developers Samourai Wallet announced that some of their users had been attacked by dust. The company sent tweets to warn users of attacks and explain how they can protect themselves. The Samourai Wallet team has implemented a real-time dust tracking alert and a Do Not Spend feature that allows users to check for suspicious funds, so they are not included in future transactions.
Since dust attack is based on a combined analysis of several addresses, if the dust pool does not move, the attackers cannot establish the necessary connections to “anonymize” the purses. Samourai Wallet already has the ability to automatically report suspicious transactions to its users. Despite the dust limit of 546 satoshi, today many dust attacks are much higher than him and usually range from 1,000 to 5,000 sati.
Because Bitcoin is open and decentralized, anyone can create a portfolio and join a network without providing any personal information. Although all Bitcoin transactions are public and visible, it is not always easy to find the person behind each public address or transaction, and this is what makes Bitcoin a bit anonymous, but not completely.
Peer-to-peer (P2P) transactions are likely to remain anonymous because they are executed without the involvement of any intermediary. However, many cryptocurrency exchanges collect personal data through KYC verification processes, which means that when users move funds between their personal portfolios and account exchange, they risk being somehow anonymous. Ideally, a new bitcoin address should be created for each new payment transaction or payment request as a way to preserve the user’s privacy.
While the bitcoin blockchain is almost impossible to crack or destroy, portfolios often pose a serious problem. Because users do not share their personal information when creating an account, they cannot prove theft if a hacker gets access to their coins – and even if they can, it will be useless.
When a user stores his cryptocurrency in his personal portfolio, he acts as his own bank, which means that he can do nothing if his personal keys are broken or lost. Every day, privacy and security are becoming more and more valuable not only for those who have something to hide but for all of us. And this is especially valuable for cryptocurrency traders and investors.
In addition to removing dust and other de-anonymizing attacks, it is also important to fear other security threats that are part of the cryptocurrency space, such as cryptocurrency, extortionists, and phishing. Other security measures may include installing a VPN along with a reliable antivirus on all devices, encrypting portfolios and storing keys in encrypted folders.