What Is a Dusting Attack?



via binance

A dusting attack refers to a new kind of malicious activity where hackers and scammers try and break the privacy of Bitcoin and cryptocurrency users by sending tiny amounts of coins to their personal wallets. Many Bitcoin adepts operate under the assumption that their anonymity is well protected against efforts to infiltrate their transactions, but unfortunately, that is not the case.

Dust Definition

In the language of cryptocurrencies, the term dust refers to a tiny amount of coin or token - an amount that is so small that people tend to ignore. Taking Bitcoin as an example, the smallest unit of the currency is 1 satoshi (0.00000001 BTC) and we could refer to a couple hundreds of satoshi as dust.

In other words, dust is a tiny transaction or amount that is not even worth sending because it is much smaller than the transaction fees. Within cryptocurrency exchanges, dust is also the name we give to tiny amounts of coins that “get stuck” and are not tradeable.

Most people do not take notice of their wallet’s dust and rarely worries about its origin. Until recently, it was totally okay to not pay attention to these tiny amounts on your wallets, but with the creation of dusting attacks, we can no longer say that.

Dusting Attack

Scammers recently realized that Bitcoin users do not pay much attention to these tiny amounts showing up in their wallets, so they began “dusting” a large number of addresses by sending a few satoshis to them. They then started to track those funds and all transactions of those dusted wallets, which allowed them to link addresses and to eventually determine the companies or individuals behind those wallet addresses. This knowledge can later be used to construct targeted phishing attacks or attacks such as cyber-extortion on unaware victims.

I know who you are, pay me and I will not reveal your identity

Dusting attacks were initially performed with Bitcoin but they are also happening with other cryptocurrencies that are running on top of a public and transparent blockchain.

In late October 2018, developers of the Bitcoin’s Samourai wallet announced that some of their users were under dusting attack. The company sent out a tweet warning their users and explaining how they could protect themselves. In order to protect their users against dusting attacks, the wallet now offers a real-time alert for dust tracking as well as a “Do Not Spend” feature that enables the users to mark those suspicious funds and avoid using them in future transactions.

If a dust fund is not moved, attackers are not able to make the connections they need to “de-anonymize” the users of that wallet or the address owner. Samourai wallet already has the ability to automatically report transactions below the limit of 546 satoshis, which offers some level of protection. This limit is automatically adjusted by the software based on current market conditions.

Bitcoin Pseudonymity

Since Bitcoin is open and decentralized, anyone is able to set up a wallet and join the network without providing any personal information. Although all Bitcoin transactions are public and visible, it is not always easy to find the identity behind each public address or transaction and this is what makes Bitcoin somewhat private - but not completely.

Peer-to-peer (P2P) transactions, which are the ones made between two parties (without the involvement of any intermediary) are more likely to remain anonymous. Noteworthy, Bitcoin users are supposed to use each wallet address only once, as a way to preserve their privacy.

However, most cryptocurrency adepts and traders make use of third-party exchanges and will eventually have their personal wallets linked to their exchange wallets, and thus, linked to their personal information. Hence, if you are into cryptocurrency trading, it is important to choose a trustworthy and secure exchange.

Therefore, it is important to keep in mind that, unlike many tend to believe, Bitcoin is not really an anonymous cryptocurrency. Besides the recently created dusting attacks, there are many companies, research labs, and governmental agencies performing blockchain analyses as a way to de-anonymize the blockchain.

Other Privacy and Security Concerns

While the Bitcoin blockchain is nearly impossible to hack, the wallets are a weak link in this cryptocurrency chain. Since users do not give up their personal information when they create an account, they cannot prove theft if some hacker gains access to their coins - and even if they could, that would be useless.

In fact, trying to follow up on Bitcoin theft is a futile enterprise for victims of that crime. If you hold Bitcoins in a personal wallet, which only you have access, then you are acting as your own bank and there is nothing you can do in case you lose your keys or your coins get stolen.

Privacy gets more and more valuable every day. Not only for the ones that have something to hide but for all of us. It is even more valuable for cryptocurrency traders and investors.

Along with dusting and other de-anonymizing attacks, you should also be wary of the other security threats that are evolving very quickly in the cryptocurrency space, such as Cryptojacking, Ransomware, and Phishing. Moreover, you should consider installing a VPN along with a trustworthy antivirus in all of your devices. Also, make sure to encrypt your wallets and to store your keys inside encrypted folders.


hey I got a dust attacked, I actually received a small amount of btc randomly to my address. to be exact 0.00000546 BTC and it looks like it was given to bunch of the addresses. Do I need to worry about that? it was sent to me from this address: 1ViViGLEawN27xRzGrEhhYPQrZiTKvKLo

does anyone know how can I make sure that my ledger nano s never spents this transaction utxo?


Just heard about it today.
From what i understand, you might be targeted.
I dont know how protection works either.


what I know is to never spent that transaction and you are good.
but I do not know how to do that within Ledger Nano S interface. I need to target that UTXO and never spent that transaction ever. thats how you protect yourself.


so move your BTC and then delete that wallet i suppose.


no that won’t work.
One must make sure that you never spent that transaction that was sent to you ever again.
So I wanted to make sure that my ledger nano S wallet knows how to mark that transaction as to never spent it ever again.
Samourai wallet has that feature. I wanted to make sure if Ledger has this or know about this issue.


Ivan on Tech gave a detailed explanation on how this attack works: https://youtu.be/4_KTf_yrMWU. Hope it helps answer your questions.


The question is how to do it on the blockchain… maybe Ivan covers that?


Ivan didn’t cover how to do this on the blockchain.


I sent email to Ledger support: here is their reply


Uyen (Ledger Support)

Feb 18, 16:51 CET


Thank you for contacting Ledger Support.

My name is Uyen and I will be gladly assisting you from now.

I am sorry to hear that you have encountered this issue.

Coin selection is not available in Ledger Live application yet. Thus, you can not do anything regarding this matter for the moment.

We do have the plan to integrate this feature. However, we are not unable to provide an exact ETA.

Thank you for your understanding.

Best regards,

Ledger Support

Note: we do NOT offer phone support.



dust be gone