Learn: What is a crypto dusting attack?

Crypto dust is small amounts of cryptocurrency sent to a large number of wallet addresses with benevolent or malicious purposes.

Generally, dust is considered the amount of cryptocurrency equal to or lower than a transaction fee. Bitcoin, for example, has a dust limit imposed by Bitcoin Core, the Bitcoin blockchain software, of around 546 satoshis (0.00000546 BTC), the smaller denomination of Bitcoin (BTC). The wallets’ nodes that apply such a limit may reject transactions equal to or smaller than 546 satoshis.

Dust could also be the small amount of cryptocurrency that remains after a trade as a result of rounding errors or transaction fees and can accumulate over time. That small amount is not tradeable but can be converted into the exchange’s native token.

Crypto dust should not pose a significant threat, as it has mainly been used for legitimate rather than malicious purposes. For example, reaching out to wallet holders via dusting can be an alternative advertising method to more traditional mailshots. The dust transactions can contain promotional messages, so dusting is used instead of mailshots.

Despite not being a major concern, crypto users should still know what a dust attack is and take measures to protect themselves should it occur.

What is a crypto dusting attack?

A dusting attack occurs when small amounts of crypto assets, called dust, are sent by malicious actors to multiple wallet addresses — just like dust — scattered across blockchain networks.

Blockchain technology is pseudonymous, meaning that owners of a cryptocurrency address are not defined by their names or any other personal data. However, the blockchain ledger is transparent and traceable; thus, all transactions are visible to everyone, and a user’s activity can be tracked down following the history of that specific address.

When attackers transfer dust to cryptocurrency wallets, they want to invade the privacy of their owners by tracking down their funds when they move them from one address to another. The attacker’s goal is not to steal cryptocurrency — as simple dusting won’t allow it — but rather associate the target’s address with other addresses that may lead to identifying the victim through off-blockchain hacking activity.

A crypto dusting attack can occur in most public blockchains, including Bitcoin, Litecoin and Dogecoin. A dusting attack aims to link the attacked addresses and wallets to the personal data of their related companies or individuals and use this knowledge against their targets, either through elaborate phishing scams, cyberextortion threats, blackmail or identity theft to make a profit.