There have been discussions on the intention of dusting attacks as first announced by the Samourai wallet in 2018. This attack became even more pronounced when Binance announced in 2019 that several litecoin wallets were hit by a dusting attack.
Analysts have not come to conclusion the main intention of people who carried out these attacks even though there was an outreach from the Russian mining pool responsible for the Binance Litecoin wallets attack, stating that it was undertaken for promotional purposes.
What analysts have concluded is that an innocuous action may be exploited by malicious third-party to steal the cryptocurrency of victims of dusting attacks. Even though this attack was on Litecoin wallets as in the Binance case, it is important to note that this threat is not faced by just users of Bitcoin and litecoin. Any public blockchain could be a target of this attack.
What is Dusting Attack?
Let’s start by identifying a dusting attack to understand its scope and what the intention of the attackers could be. The Samourai wallet, which first announced this attack on October 25, 2018 in a tweet, warned its users that they may be targets of dusting attack if they received minute amounts of cryptocurrency in their wallets. This is especially of high concern if the source of the ‘dust’ is unknown.
If you have recently received a very small amount of BTC in your wallet unexpectedly, you may be the target of a “dusting attack” designed to deanonymise you by linking your inputs together – Samourai users can mark this utxo as “Do Not Spend” to nip the attack in the bud. pic.twitter.com/23MLFj4eXQ— Samourai Wallet (@SamouraiWallet) October 25, 2018
A bitcoin dust for instance is a very small amount of bitcoin in satoshis, that the owner of a wallet may not even notice their presence because they are insignificant in comparison to the overall wallet balance. In dusting attacks, the attacker sends these ‘dust’ to many wallets with the intention of trailing the movement of the dust particles with the aim of using convergence to unravel the identity of the owner(s) of wallets. They could then make the owners targets of phishing attacks through which their digital assets are stolen.
The strategy that makes dusting attacks remarkable is that it is based on the wallet’s unspent output. This means that it is easy for the owner of the wallet to add the dust to their main balance while sending out their BTC, LTC or any other coin to another wallet. The attacker would be able to put two and two together and narrow down the identity of the owner of the wallet using blockchain analysis tools.
The Binance Attack
The Binance team stated that 50 Litecoin addresses received 0.00000546 LTC sprinkled to them from a wallet which was later traced to a mining pool in Russia. The owner of the pool who reached out to the team stated that it was for advertisement purposes without realizing that they created fear in the LTC community as well as a map which could be exploited by hackers and other malicious players later in the quest to steal the digital assets of those affected by the attack.
James Jager, project lead at Binance Academy said
“We became aware of the dusting attack on Saturday morning when one of our binance angels had received a small amount of LTC into their litecoin wallet.”
Unknown to them, the attack was more widespread as Jan Happel of Glassnode, the blockchain data concern would later explain. Happel said that an analysis of Litecoin wallets in Binance shows that 300,000 wallets showed signs of dusting.
“We have done a quick query into the LTC blockchain and analyzed the number of utxo’s that carry a smaller value than the mean tx fee that day. If a UTXO contains less balance than the minimum amount required to spend it (fee) that day, it becomes stuck/unspendable — this is what we technically define as dust.”
How To Prevent Dusting Attack
Well… you have no way of stopping people from sending you coins since your wallet is public on the network. However, some basic steps should be to take the advice of the Samourai Wallet team which has obviously made it possible that users of their wallet could mark or flag dusts. In the earlier referred tweet, the Samourai team asked users to “mark this utxo as “Do Not Spend” to nip the attack in the bud.” Observant holders of cryptocurrencies should not spend identified dust found in their wallets.
Wallets that generate new addresses for every new transaction add to the security and privacy of the owners. These should be utilized to add the extra layer of protection in the quest to evade being linked through analysis after a dusting attack. This is what Satoshi Nakamoto meant by hierarchical deterministic wallet.
Other Using of Dusting Attacks
As mentioned earlier, the launcher of the Binance attack said it was a promotional campaign for their mining pool. Other services such as Bitcoin blenders have used it to advertise their services by adding a message to the small amount of crypto sent out to prospective users. Dusting has criminal uses also. Money launders could use dusting attack to confuse the trail of law enforcement agencies monitoring the blockchain. Dusting thousand of wallets with a portion of dirty money would leave analysts at a loss which trail to follow.
In summary, the best protection against dusting attack is never to spend dusts from unknown sources. Be sure that every transaction on the network is done with a newly generated wallet address and also install good anti-virus software on your device to help protect you against phishing attacks aimed at stealing your coins. Also, don’t forget the good old cold storage of large volume of cryptocurrencies using hardware wallets.