What is a Dusting Attack?
A dusting attack is when a fraudulent actor sends an array of microtransactions to different target addresses. These transactions usually have a low value, or even 0 value if they are made with fake tokens whose tickers resemble real, legitimate coins.
A dusting attack can have different goals, like:
- Deanonymizing wallets
- Confusing authorities and audits
- Baiting transactions
Dusting attacks were initially carried out on Bitcoin, but nowadays, they are mostly found on Ethereum and BSC, due to lower fees, the flexibility and scalability of smart contracts and the endless tokens and projects running on these blockchains.
In crypto jargon, “dust” refers to a balance so low that it goes unnoticed, because it is lower than the fees themselves or below the minimum limits set by an exchange.
However, dust can still be moved around and its movements can generate traces that can be exploited by criminals to reach their malevolent goals.
The most common goal of a dusting attack is to find out who is behind a particular wallet. The attacker dusts wallets with the intention of deanonymizing them by observing where the funds go.
Cryptocurrency users tend to overlook small amounts in their wallet addresses. Once the user receives the tiny transactions, attackers begin to analyse the dusted addresses to determine which ones belong to the same wallet. If successful, they can link these wallets to individuals or companies and use the information to launch phishing attacks or extortion threats to the wallet’s owner.
In areas where political instability and violence are commonplace, dusting attacks can even have extreme consequences, like physically forcing wallet holders to hand over their private keys or having family members kidnapped for a cryptocurrency ransom.
Note that attackers need to analyse multiple addresses to deanonymize wallets, so if dust funds are not moved, they can't make connections. Some wallets can automatically report suspicious transactions to users, and if the blockchain is UTXO-based (like Bitcoin, for example), the unspent dust balance can be “frozen” so that it cannot be moved around.
Confusing Authorities and Audits
If dusting can be used to track and deanonymize wallets, it can also be employed to do the opposite. Multiple small transactions to thousands of different wallets can make auditing an address extremely hard, slowing or even stopping authorities’ investigations.
For example, if a large criminal gang gets a tip that the police are trailing them, it could dust several random wallets to spread their illicit funds around the blockchain, raising a curtain of dust in front of the authorities. This may help the criminal group to conceal its traces, at least for as long as it is needed to relocate to a safer jurisdiction or to reorganise in a new structure.
Dusting transfers might even come from addresses that look like one of the victim's legitimate addresses, mimicking the initial and/or final digits. This tactic is used to confuse the victims and trick them into sending funds to the fraudster's wallet.
It is possible to create these wallets via tools like Vanity ETH, or via contract implementation for the most complex operations.
The attacker hopes that the victim copies the wrong address, just looking at the last 4 digits of the wallet, and sends the funds to the attacker’s address.
A typical example is when an attacker notices that Joe regularly sends funds from MetaMask to his SwissBorg wallet 0xd132B0B0F89D688fd65ad07177Bf79dA22B4876d.
The attacker will generate the wallet 0x420553DD7A78772a4D9F2e282c328b0B6797876d and simply send a very small amount of money (dust funds) to Joe’s MetaMask wallet. The attacker hopes that the next time Joe moves funds, he will copy the address details from his last transaction on MetaMask rather than from the SwissBorg app.
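A check that a wallet script could run before sending, shown as an added example that is not part of the original article or of any SwissBorg or MetaMask code. It compares a destination against an address book filled from official sources and flags addresses that share only the first or last characters with a trusted entry; the function names, the `TRUSTED` label and the 4-character threshold are assumptions.

```python
import string

# Address book filled only from official sources. The entry is the SwissBorg
# deposit address from the article's example; the label is an assumption.
TRUSTED = {"SwissBorg": "0xd132B0B0F89D688fd65ad07177Bf79dA22B4876d"}


def normalize(addr):
    """Return the 40 hex characters of an address in lower case."""
    body = addr.strip()
    if body[:2].lower() == "0x":
        body = body[2:]
    if len(body) != 40 or any(c not in string.hexdigits for c in body):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return body.lower()


def shared_edges(a, b):
    """Count matching characters at the start and at the end of a and b."""
    def run(pairs):
        n = 0
        for x, y in pairs:
            if x != y:
                break
            n += 1
        return n
    return run(zip(a, b)), run(zip(reversed(a), reversed(b)))


def classify(dest, trusted=TRUSTED, min_edge=4):
    """Return ('trusted' | 'lookalike' | 'unknown', label or None)."""
    d = normalize(dest)
    lookalike = None
    for label, addr in trusted.items():
        t = normalize(addr)
        if d == t:
            return ("trusted", label)   # only a full 40-character match counts
        prefix, suffix = shared_edges(d, t)
        if max(prefix, suffix) >= min_edge:
            lookalike = label           # same edges, different middle
    return ("lookalike", lookalike) if lookalike else ("unknown", None)


if __name__ == "__main__":
    # The lookalike address from the article's example.
    print(classify("0x420553DD7A78772a4D9F2e282c328b0B6797876d"))
    # A constructed, unrelated address.
    print(classify("0x" + "1" * 40))
```

A "lookalike" result means the address should be rejected and the destination copied again from the official source.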
How to protect yourself from these attacks?
As a first step, take the following precautions:
- Share your wallet details only with entities you trust.
- Use multiple addresses. This will strengthen your online privacy.
- Avoid airdrops from dubious entities and/or from projects promising huge returns. Airdrops are a massive vehicle for dusting attacks!
- Always make sure to copy the payment details from the official page of the entity you want to send the money to. For example, if you want to transfer to your SwissBorg account, ALWAYS copy the destination wallet from the app. NEVER copy the destination wallet from other sources, not even from your MetaMask transaction history.
- Avoid sharing your SwissBorg wallet publicly.
If you want other users to send funds to your SwissBorg wallet, the safest and most efficient way is through Smart Send, which allows you to send and receive crypto simply by using your phone number, free of any fee!