Crypto Dusting, an Invisible Threat.

By NEFTURE SECURITY I Blockchain Security. Published in Dissecting Web3, Jun 20, 2023.

Crypto Dusting attacks are a web3 nightmare!

Their aims? Deanonymizing crypto users.

It is a relatively widespread but little-known technique aimed at deanonymizing crypto wallet owners in order to extort them and/or siphon their wallets through phishing.

Anyone could fall victim to it.

All the scammers need is a tiny little bit of crypto and your unawareness of the scam to trap you.

Here’s how it works.

What is Crypto Dusting?

As a preamble, it is essential to emphasize a fundamental aspect: Blockchain technology, contrary to widespread misconceptions, operates on a pseudonymous rather than anonymous basis.

While the identification of cryptocurrency address owners is not directly linked to their names or any identifiable personal information, it is crucial to note that the Blockchain ledger itself remains transparent and traceable.

As a result, all transactions conducted within the Blockchain ecosystem are openly visible to all participants, enabling the tracking of user activities through the comprehensive history associated with each specific address.

The exception is the truly anonymous blockchains associated with privacy coins (EAOs) like Monero or Zcash.

In a dusting attack, a minute quantity of cryptocurrency, commonly referred to as “dust,” is deliberately dispersed across a significant number of addresses.

The main aim of fraudsters employing crypto dusting techniques is to exploit the inherent transparency of the blockchain in order to compromise the privacy of cryptocurrency owners.

The objective of the attacker does not revolve around the direct theft of cryptocurrency, as a mere dusting endeavor lacks the capability to accomplish such an outcome.

Instead, their aim resides in forging a connection between the target’s address and other addresses, thereby enabling comprehensive surveillance of user behaviors, potential wealth, and other financial activities associated with those addresses.

This is achieved by meticulously tracking the movement of funds from one address to another, allowing them to gain unauthorized access to information pertaining to the flow of funds.

This concerted effort may ultimately facilitate the identification of the victim through the employment of off-blockchain hacking techniques.

Source: CoinTelegraph

A dust attack is a success when the wallet owner amalgamates the minuscule amounts of cryptocurrency with other funds residing within the same wallet, subsequently employing these funds for various transactions.

The susceptibility to dusting attacks is more pronounced among UTXO-based addresses, commonly utilized in several blockchains such as Bitcoin, Litecoin, and Dash.

Wallets on these chains generate a unique address for the change left over from each transaction. A UTXO (unspent transaction output) is akin to the change tendered by a cashier after a grocery shopping session: it is an output that has not yet been spent and can be used as an input for subsequent transactions, which is how the model prevents double-spending.

A crypto dusting attack relies entirely on how oblivious the potential victims are to the reception of minute cryptocurrency quantities within their wallet addresses.

A very simple trick that can reap a formidable reward.

Here’s how.

How does the scam work?

The first step to any scam is to select the victims.

The addresses can be randomly chosen or obtained from various sources, including public forums or leaked databases. The attackers scrape the web, much as blockchain tracking services like Chainalysis or Elliptic do.

By sending dust to a large number of addresses, the attacker can track which addresses interact with the dust.

When a recipient consolidates or moves the dust to another wallet, it indicates activity on that address, allowing them to identify active addresses and prioritize them.

Sometimes people have their real-life (IRL) identity on display and may even use their wallet address as their Twitter handle, for example.

This makes it ten times easier for scammers to target them. That’s how scammers discovered that a certain Thomasg.eth had $125 million securely stored in his wallet and were eager to exploit it. We covered the full story here if you’re interested!

Probably the easiest way to find prime targets is by “farming” on Twitter or other social media platforms. Typically, it will be a tweet that promises crypto gains for a lucky winner after liking, reposting, and providing their ETH address.

Note: Those are only examples of the type of farming tweet that can be used. They do not imply that the ones who posted them are per se scammers or involved in crypto dusting.

There are hundreds a day.

It’s the perfect way to spot newcomers and/or credulous Web3 users who are ripe to be scammed, who are unknowingly painting a target on their back.

Their social media handle is now associated with an address, and through crypto dusting, other addresses.

This means that scammers now know exactly which doors to knock on!

The second step is laying the traps.

There are essentially two main Modus Operandi through which fraudsters make money using crypto dusting.

Cyber Extortion

Crypto dusting is used to profile and de-anonymize web3 users. By studying patterns and analyzing the blockchain, attackers can potentially link different addresses to a single user, uncovering the identity or transaction history of that individual. This information can be exploited for various malicious purposes, such as blackmail or targeted attacks.

Phishing Scams

Nowadays Crypto Dusting is used in phishing scams in a very peculiar way.

The “dust” transaction is used to carry a “memo” informing the potential victim that they can “claim” a large amount of money, or scam tokens are camouflaged as airdrops of free crypto. To access these attractive tokens, the targets are directed to phishing websites carefully crafted to look legitimate.

That’s what happened to Binance Chain users in 2020.

In October 2020, scammers sent tiny amounts of BNB to multiple addresses with a link to a malicious website in the transaction Memo:

Source: Binance

Other MO

A more classic MO would be, for example, impersonating support or security teams.

The fraudster may pose as a support team member or a security representative, claiming to assist the user with the dust transaction or resolve any perceived issues.

With their knowledge of their target’s transaction activities and address ownership, they can create a false sense of trust. They may add a sense of urgency, emphasizing that immediate action is required to protect the user’s funds or account. They then either push their victim to reveal sensitive information like private keys or lead them to malicious websites that siphon their funds.

Side Note: Crypto dusting can also be used for money laundering purposes. By sending small amounts of illicitly obtained funds to numerous addresses, the attacker attempts to obfuscate the origin and destination of the funds. This complicates the tracing of transactions and makes it harder for authorities to track the flow of money.

How to protect yourself from Cryptodusting?

  • Regularly Monitor Transactions: Keep a close eye on your cryptocurrency transactions and monitor your wallet activity. Be alert to any unexpected or unexplained transactions, particularly small and seemingly insignificant amounts.
  • Do Not Interact with Dust: If you receive dust in your cryptocurrency wallet, it is advisable not to interact with it. Dust amounts are typically very small and not worth the associated risks. Leaving the dust untouched or disregarding it is the safest approach.
  • Anti-Dust Tracking Techniques: To enhance security and privacy, one option is to utilize a hierarchical deterministic (HD) wallet, which generates a new address for each transaction automatically. This practice makes it challenging for hackers to track the sequence of your transactions. Additionally, you can leverage dust conversion services that facilitate the automatic conversion of crypto dust into native tokens, which can be used in future trades. This allows for efficient utilization of the dust while maintaining flexibility and convenience in your cryptocurrency activities.
  • Exercise Caution with Unsolicited Messages: Be cautious when receiving unsolicited messages, emails, or social media communications related to cryptocurrencies. Treat them with skepticism, especially if they request personal information or access to your wallet.
  • Avoid clicking on links or downloading attachments from untrusted sources: These could lead to malicious websites or malware that can compromise your security and expose you to further risks.
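
The "do not interact with dust" advice above, as an added example that is not part of the original article: a wallet-side coin-control sketch that flags unsolicited tiny outputs, freezes them, and compares which addresses end up tied together in one transaction with and without the dust. The `Utxo` type, the 1,000-satoshi threshold, and every address and transaction id are constructed assumptions.

```python
from dataclasses import dataclass

# Assumed, tunable threshold (not from the article): unsolicited outputs at or
# below this many satoshis are treated as suspected dust.
DUST_THRESHOLD_SAT = 1000

@dataclass(frozen=True)
class Utxo:
    txid: str           # constructed placeholder id
    address: str        # wallet address that received the output
    value_sat: int
    known_sender: bool  # True if the owner expected this payment

def flag_dust(utxos, threshold=DUST_THRESHOLD_SAT):
    """Return unsolicited UTXOs small enough to be suspected dust."""
    return [u for u in utxos if u.value_sat <= threshold and not u.known_sender]

def select_coins(utxos, target_sat, frozen=()):
    """Largest-first coin selection that never spends a frozen UTXO."""
    frozen = set(frozen)
    chosen, total = [], 0
    for u in sorted(utxos, key=lambda u: u.value_sat, reverse=True):
        if u in frozen:
            continue
        if total >= target_sat:
            break
        chosen.append(u)
        total += u.value_sat
    if total < target_sat:
        raise ValueError("insufficient funds once dust is frozen")
    return chosen

def linked_addresses(inputs):
    """Addresses an observer can tie together because they fund one transaction."""
    return {u.address for u in inputs}

# Constructed wallet: two expected deposits plus one unsolicited dust output
# sent to an address the owner once posted publicly.
WALLET = [
    Utxo("tx-a", "addr-savings", 250_000, True),
    Utxo("tx-b", "addr-salary", 120_000, True),
    Utxo("tx-c", "addr-public", 546, False),
]

def demo():
    dust = flag_dust(WALLET)
    swept = linked_addresses(WALLET)  # consolidating everything, dust included
    safe = linked_addresses(select_coins(WALLET, 300_000, frozen=dust))
    return dust, swept, safe
```

With the dust frozen, the publicly known address never appears as an input next to the private ones, so the link the dusting relies on is never written to the ledger.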

About us

Nefture is a Blockchain Security Company that secures crypto transactions!

With Wallet Alerts, you can get your Wallet security audit for free in just 24 hours. Plus, enjoy the added peace of mind that comes with immediate alerts on new wallet approvals, as well as a monthly security report!

Check if your wallet is compromised now ⚡https://www.nefture.com/
