Here is a form of a cyber attack that is largely unknown to users in the crypto space and I feel it’s time to bring it to your attention.
Throughout my “Crypto Jargon” series I have discussed many types of cyber attacks and crypto-related threats that you should look out for and this one is certainly one of them.
It is an attempt to de-anonymize cryptocurrency wallets (and their owners) which can result in phishing, extortion or more sinister threats, so take a moment to learn about it.
What is Dust?
The term itself is referring to tiny amounts of Bitcoin or another cryptocurrency.
These can be between one to a few hundred satoshis for instance (if we refer to bitcoin) or when you’re trading, on many exchanges you will have such tiny amounts of various coins that are left over and cannot be used in trades, so they appear to be “stuck”. This happens in Binance a lot, also in Kucoin and other exchanges, where such small amounts do not meet the limit for a single trade. These are called dust.
Technically speaking, the dust limit is calculated according to the size of inputs and outputs, which normally computes to 546 satoshis for legacy Bitcoin transactions (non-SegWit), and 294 satoshis for native SegWit transactions. This means that any regular transaction equal to or smaller than 546 satoshis will be considered spam and are likely to be rejected by the validating nodes. This is why most of the scam attacks using dust are sending larger transactions, sometimes up to a thousand or a few thousand satoshis.
A Dusting Attack is aiming to discover the owner of a crypto wallet. The attacker would send multiple dust transactions to various wallet addresses then will use a combined analysis of those various addresses in an attempt to identify which ones belong to the same wallet. Once a wallet is identified, the attacker may use this in phishing attacks or cyber-extortion threats. This can also be an attempt from a government regulator to identify individuals or companies that operate with cryptocurrencies for tax or other AML reasons.
To avoid becoming a victim of such attacks one must simply NOT MOVE the dust coins they recieve. Since dusting attacks rely on a combined analysis of multiple addresses, if a dust fund is not moved, attackers are not able to make the connections between these wallets to “de-anonymize” them.
Along with dusting and other de-anonymizing attacks, it is also important to be wary of the many other security threats that occur in the cryptospace, such as Cryptojacking, Ransomware, Phishing and a few more which you will find explained in this post.
Enjoying this content? Go check out “Crypto Jargon A-Z” — eBook out now on Kindle.
It’s an Amazon Best Seller and it’s the most up-to-date Crypto Dictionary with more than 700 terms, acronyms and trading slang related to cryptocurrencies and blockchain tech.
Just go to ojjordan.com/cryptojargon and grab your digital copy today.