Everything You Need to Know About the Dusting Attack

What actually happens and why?

A dusting attack involves sprinkling crypto wallets with minuscule amounts of crypto to connect multiple addresses to a single owner. Some articles vaguely touch upon the logic behind the attack, while others dismiss it as a marketing tactic that misfired.

One article even states that it is a ploy to foil blockchain analytics tools, claiming that it is “an attempt to dust every address with money laundering funds, thereby soiling virtually every user’s reputation.”

But we’re sure there’s more to it…

“After dusting multiple addresses, the next step of a dusting attack involves a combined analysis of those various addresses in an attempt to identify which ones belong to the same wallet,” Binance explains in this very interesting video and article. “The goal is to eventually be able to link the dusted addresses and wallets to their respective companies or individuals. If successful, the attackers may use this knowledge against their targets, either through elaborate phishing attacks or cyber-extortion threats.”

But the blockchain is transparent anyway, isn’t it? So what information do attackers gain from the dust that they can’t get by just looking at the blockchain? Why send any dust at all?

The answer lies in “hierarchical deterministic wallets” (HD wallets) and the logic they use in determining which unspent transaction outputs (UTXO) will be used to make a payment. Essentially every unspent amount in your wallet is a UTXO.

Let’s look at an example. Tim is a crypto enthusiast who uses an HD wallet. He HODLs 500 BTC in one address. He also trades on an exchange and uses his wallet to make transactions.

A snapshot of Tim’s HD wallet. HD wallets are far more complicated with multiple UTXOs of varying denomination under each address, but we’re keeping it simple for clarity.

If Tim sends 3.2 BTC to Binance, UTXO 2 and UTXO 4 amounting to 3.5 BTC (the transaction fee also needs to be taken into account) are picked up and sent to the exchange.

If Tim spends 1.35 BTC at Amazon, UTXO 5 and UTXO 7 amounting to 1.6 BTC are picked up.

If Tim sends 1.2 BTC to a friend, UTXO 6 and UTXO 8 amounting to 1.4 BTC will be picked up.

In all situations, change, if any, minus the transaction fee is sent back to completely new addresses in Tim’s HD wallet.

Note that only the UTXO closest to the amount to be paid is selected.

It is always approximately 3.2, 1.35, 1.2 or any other small amount that Tim would like to trade. The 500 BTC is never picked up; therefore, the address containing it is not exposed, and hence it cannot be connected to the other addresses from where the UTXO is being sent. There’s no way to trace it to Tim even if this address is available on the blockchain.

And here’s where the dust helps!

Anna wants to find the identity of the address containing 500 BTC, so she sends some dust (0.000005 BTC) to that address. Note that the dust is also a UTXO; it’s called dust because it’s so insignificant, smaller even than the minimum transaction fee required to send crypto. Anna can be a government entity or a service connected to identifying people in crypto. She could also be a hacker.

A snapshot of Tim’s HD wallet. HD wallets are far more complicated with multiple UTXOs of varying denomination under each address, but we’re keeping it simple for clarity.

Tim fails to recognize the dust, and continues to trade with Binance, shop, and pay his friends. As long as the dust isn’t picked up, there’s no real problem. It’s important to note that different HD wallets employ their own strategy to pick up UTXO. However, if the dust is picked up along with the other UTXO in any future transaction, it is broadcast on the blockchain and the address is exposed.

When that happens, Anna will be able to track all the addresses related to the dusted address that contains the 500 BTC. And it doesn’t stop there. If the dust has been picked up with UTXO 5 from Address 4, for example, Anna will be able to see the entire transaction history for Address 4 — shops visited, payments made, trades with Binance, every single transaction is up on the blockchain.

If Anna is a hacker, things can get ugly! Hackers can use dust to identify their victims and then subject them to phishing attacks and cyber-extortion.

Dusting makes it easier for government authorities to track how much crypto you hold. All they need to do is contact or issue a subpoena to the exchange after your accounts have been dusted. It is common knowledge that many cryptocurrency exchanges collect personal data through a KYC verification process, so when users move funds between their personal wallets and exchange accounts, they run the risk of being de-anonymized.

So, how do you protect your identity?

  • Private wallet holders are usually targeted by dusting attacks. Therefore, it’s important to keep track of incoming funds. Some wallets have a provision that allows you to mark such small unknown deposits in your wallet, so that you never use these UTXO for further transactions.
  • Another option is to transfer the amount in the dusted address to a new HD wallet. We recommend that you have two HD wallets — one to store big UTXO and another for small UTXO. If you do this, they will never be mixed and you will not risk sending them to a centralized service in a bundle transaction.
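How the dust exposes the 500 BTC address once it is co-spent, and how the "mark and never spend" option in the first bullet prevents it, shown as an added example (not code from this article or from any wallet). The smallest-first selection rule, the address labels, the UTXO values and the 1,000-satoshi threshold are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

BTC = 100_000_000  # satoshis per BTC; integers avoid float rounding

@dataclass(frozen=True)
class Utxo:
    address: str          # constructed label, not a real address
    sats: int
    frozen: bool = False  # user's "do not spend" mark

# Constructed wallet: a 500 BTC holding, Anna's 0.000005 BTC dust on the
# same address, and three everyday UTXOs on other addresses.
WALLET = [
    Utxo("addr_hodl", 500 * BTC),
    Utxo("addr_hodl", 500),
    Utxo("addr_2", 90_000_000),
    Utxo("addr_4", 70_000_000),
    Utxo("addr_5", 260_000_000),
]

def flag_dust(utxos, threshold_sats=1_000):
    """Freeze every deposit below the (assumed) threshold."""
    return [replace(u, frozen=True) if u.sats < threshold_sats else u
            for u in utxos]

def select_inputs(utxos, target_sats):
    """Assumed strategy: add spendable UTXOs smallest-first until covered."""
    picked, total = [], 0
    for u in sorted((u for u in utxos if not u.frozen), key=lambda u: u.sats):
        if total >= target_sats:
            break
        picked.append(u)
        total += u.sats
    if total < target_sats:
        raise ValueError("insufficient spendable funds")
    return picked

def linked_addresses(inputs):
    """Addresses an observer sees spent together in one transaction."""
    return {u.address for u in inputs}

if __name__ == "__main__":
    target = 140_000_000  # 1.4 BTC payment including fee (constructed)
    print("dust spendable:", linked_addresses(select_inputs(WALLET, target)))
    print("dust frozen:   ", linked_addresses(select_inputs(flag_dust(WALLET), target)))
```

A real wallet should freeze only deposits the user does not recognise, since a threshold alone would also freeze small legitimate payments.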

You must be thinking: if I do that, how do I transfer crypto from the HD wallet that contains all the big UTXO to the one that contains the small UTXO without being tracked, as this transaction will be on the blockchain?

Please follow us for the answer, which will be explained very soon in another article.

