What is a dust attack?

icon FOR
Photo - What is a dust attack?
If still waters run deep, then dust runs deep in crypto wallets. What is the danger behind the amount which is inferior to the transaction fee size? Modern scammers can use it for their purposes.
Dust is a common phenomenon for traders. It is a small amount of tokens that hang in the wallet and, at first glance, do not mean anything. For example, for bitcoin, several hundred satoshis are dust.

Transactions with dust are almost imperceptible, so you can miss the moment when a tiny amount appears on your account and continue to make transfers. Some traders do not pay attention to it, while others believe someone made a mistake when sending funds. But in fact, dust can become a first warning about scammers activity.

What is a dust attack?

A dust attack is a way for attackers to obtain information about the wallets‘ transaction data to deanonymize their owners. This scam peaked in 2018-2019. Then the Samourai wallets’ owners, who massively received bitcoin dust, and the Litecoin network were in danger. Thanks to the prompt response from the crypto platforms management, it was possible to warn users and avoid sad consequences.

A dust attack should be considered preparation for a full-fledged spear-phishing attack. Having obtained confidential data about traders and their transactions, attackers can extort funds for identity non-disclosure.

How does a dust attack occur?

During the preliminary stage, scammers collect a large amount of data, among which merged crypto wallet databases play a unique role. After that, the dust attack begins directly. Attackers:

  • send dust particles to hundreds and thousands of wallets;
  • wait for the victims’ following transactions, which will be carried out already with the dust;
  • collect up-to-date information about transfers and traders’ activity, comparing it with previously received data;
  • turn to blackmail and extortion if deanonymization is successful. 

As a rule, the dust attack’s victims are owners of hefty sums stored in cryptocurrencies or individuals who, due to their occupation/country of residence, are prohibited from the crypto industry. If you are an ordinary user with about $1,000 in your account, you are unlikely to be of increased interest. But you’d better keep an eye out.

Dust Attack vs. Dust Phishing Attack: What's the Difference?

Attackers' tools may differ depending on their goals and capabilities. For example, sending dust to the destination tag can add potentially dangerous links and motivate you to click on them. If the user performs this action, they will be subjected to a full-fledged phishing attack.

This situation should not be considered a classic dust attack. In this case, the dust is only used to deliver malicious links to large numbers of traders quickly.

Are Dust attacks carried out only by scammers?

There is an opinion among crypto analysts that a dust attack is a tool not only for cybercriminals but also for law enforcement agencies and crypto exchanges. With the help of dust, they track the transactions of criminals and prevent hacks with cryptocurrency theft.

There are known cases of dust attacks as part of marketing campaigns. The DeFi social network Steemit used dust to send news and bonus tokens to its users.

How to protect yourself from transactions with dust?

Even though dust attacks are currently infrequent, additional personal data protection will be manageable. It is easier to prevent cyber attacks than to deal with their consequences. How to behave in order not to become a victim of scammers?

  1. Use cryptocurrencies with a high level of anonymity.
  2. Work with anonymous crypto wallets, and create a new wallet for each transfer.
  3. Activate dust tracking if your wallet supports it.
  4. Refrain from following unknown links in the destination tag.
  5. Convert dust particles or use a mixer.

Conclusions

Dust attack is a phenomenon that every trader might face. Improve the protection of confidential data, and be careful when making any transactions!