The LTC Dusting Attack Explained
By Tara Annison on ALTCOIN MAGAZINE
At the beginning of August 2019, blockchain data provider Glassnode and crypto exchange Binance warned of a dusting attack which was initially reported to have affected 50 Binance users but later revealed to have impacted almost 300,000 LTC users.
So what is a dusting attack, how does it work and what’s the risk?
What Is Dust?
Let’s first start with the term ‘dust’. This refers to tiny amounts of a cryptocurrency which are often smaller than the network transaction fees and so can’t be moved from the address they are associated with.
Let’s unpack this a little;
Unlike fiat which has a 2 decimal place minimum (allowing you to move £0.01 or $0.01), a bitcoin has 8 decimal places, allowing it to be partitioned into the smallest denomination, known as a Satoshi (0.0000001 BTC). To move funds from one person’s address to another, we must also pay a network transaction fee. This is to pay the miner who includes the transaction into a candidate block and successfully mines the block to add it to the blockchain. These network fees will increase if many people are trying to transact since only 1MB worth of transactions can be included in a block, and a block is processed roughly every 10 minutes. As such people will need to pay more to entice the miners to include their transaction in the next block: https://bitcoinfees.info/
But how can dust accumulate — let’s look at an example?
Alice has 0.0005 BTC within her BTC wallet — this is actually a cumulative balance across a number of addresses with a number of unspent transaction outputs, referred to as UTXOs (for a full refresher on UTXOs read: https://www.linkedin.com/pulse/understanding-bitcoin-transactions-tara-annison/).
She sends 0.00035BTC to Bob.
Let’s say that the current network transaction fee is 0.0001BTC so this amount is kept by the miners for processing the transaction, and the total Alice has remaining is 0.00005BTC. If Alice is using an HD wallet then this amount will be moved to a new address — called her ‘change’ address and so becomes a new UTXO (for a full refresher on HD wallets read: https://www.linkedin.com/pulse/what-bitcoin-wallet-tara-annison/).
However, Alice can’t move these funds further as the current network fee is greater than the value she has in her new address. This is therefore referred to as dust.
What Is Dusting Attack And Why Is It Used?
A dusting attack is where dust is sent to a large number of addresses. Many people won’t notice this incremental increase in their holdings or will see it as ‘free’ money. However, it can have potentially damaging effects on privacy and provide malicious actors with on-chain analysis leading to further attack methods. The key outcome of a dusting attack is to deanonymize.
The dust becomes another UTXO associated with your address and can be included in the UTXO selected when a transaction is formed.
This allows nefarious actors to track the movement of dust and build up an ownership mapping across the ecosystem — known as address clustering. This could be combined with social engineering techniques, phishing or cyber-extortion attempts but on its own reduces the privacy over which addresses a user owns.
However, dusting has also previously been used as a marketing technique where companies send a small amount of crypto and a marketing message to advertise their product or service. This was purported to be the case in the 2018 Samurai wallet dusting attack where the offender was found to be a Russian mining pool who claimed they were unaware that their promotional dusting could also be used by illicit actors to deanonymize user’s address holdings.
Another dusting motivation may be to inhibit blockchain AML and therefore help enable illicit activity across the eco-system. There are companies, such as Elliptic, who provide comfort to crypto businesses by assessing the risks associated with blockchain addresses and transactions — therefore helping them to avoid deliberately handling ‘dirty’ money. However, some nefarious actors may wish to try and throw these tools off the scent and so pollute clean addresses with ‘dirty’ dust. This makes it more difficult for blockchain AML companies to determine which addresses and transactions are linked with nefarious activity and which have been dusted with dirty money.
How To Protect Yourself From Dusting?
Unfortunately, it’s impossible to protect yourself fully from a dusting attack since if someone knows or guesses your address then they can send you a transaction containing dust. However, some wallets (such as Samurai) allow UTXOs to be marked as ‘do not touch’ and therefore they will not be included in future transactions — thereby reducing the attacker’s ability to address cluster.
In addition to this, following good blockchain hygiene of only using an address once can help reduce the impact of a dusting attack, and of course, as you would with your email account and spam emails or bank account and unexpected payments — always stay vigilant for possible attacks.
For more blockchain and cryptocurrency articles, follow me on LinkedIn @TaraAnnison