Dust Attack
A dust attack sends tiny cryptocurrency amounts (dust) to many wallet addresses to track spending patterns and de-anonymize users on the blockchain.
What Is a Dust Attack?
A Dust Attack is a privacy-invasive tactic where attackers send tiny cryptocurrency amounts, known as "dust," to many wallet addresses. These minuscule transactions, often worth fractions of a cent, aim to track users' spending habits and de-anonymize them on public blockchains.
Attackers first collect wallet addresses from blockchain explorers, exchanges, or data breaches. They then broadcast transactions distributing dust—for example, 546 satoshis (0.00000546 BTC) to thousands of addresses. When a wallet owner spends any output, including the dust, it mixes with other inputs in a new transaction. Attackers monitor the blockchain to link these inputs and outputs, clustering addresses owned by the same user and potentially tying them to real-world identities via exchange KYC data or spending patterns.
This attack matters because blockchains are transparent by design. It undermines pseudonymity, exposing users to phishing, extortion, or surveillance. High-value wallet holders face greater risks, as attackers prioritize addresses with significant balances. Dust attacks have targeted Bitcoin users since 2018 and extend to Ethereum and other networks.
Key characteristics include low cost for attackers (batched transactions minimize fees) and unsolicited nature—victims receive dust without requesting it. Types vary: random mass distribution or targeted sends to specific communities. To counter, users ignore dust transactions, avoid consolidating small UTXOs, or use privacy enhancers like CoinJoin or privacy coins such as Monero.
Cryptocurrency is a digital or virtual currency secured by cryptography, operating on decentralized blockchain networks to enable secure, peer-to-peer transactions.
Read full definitionBitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionIn cryptocurrency, a swap is the direct exchange of one token for another on a blockchain, often via decentralized exchanges (DEXs) without intermediaries.
Read full definitionKYC (Know Your Customer) is the regulatory process where cryptocurrency exchanges verify users' identities using documents like ID or proof of address to prevent fraud and money laundering.
Read full definitionEthereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Read full definitionCoinJoin is a privacy technique in cryptocurrency where multiple users combine their transactions, making it harder to trace individual senders and receivers.
Read full definitionMonero (XMR) is a privacy-focused cryptocurrency that uses ring signatures, stealth addresses, and RingCT to obscure sender, receiver, and transaction amounts on the blockchain.
Read full definitionReal-World Examples
Example 1: 2018 Bitcoin Dust Campaign
Attackers distributed 546 satoshis (0.00000546 BTC) to over 1 million wallet addresses. They tracked users who spent the dust alongside larger amounts, linking addresses to identities via exchange data.
Example 2: Ethereum Dust Attack
An attacker sends 0.00001 ETH to thousands of wallets scraped from public transactions. When victims consolidate outputs, the attacker clusters addresses and correlates them with DeFi interactions or NFT purchases.
- Victim receives unsolicited tiny ETH balance.
- Spends it in a swap; attacker monitors mempool and blockchain.
- Links wallet to user's Twitter via on-chain activity.
Example 3: Targeted Dusting of High-Value Wallets
Attackers prioritize addresses with balances over 1 BTC from blockchain explorers. They send dust to these, then watch for spending patterns to enable phishing attacks demanding ransoms.
Example 4: Countering with Privacy Tools
A user receives dust but uses CoinJoin to mix it with others' UTXOs. Attackers fail to trace the outputs back to the original wallet, preserving pseudonymity.
Bitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.
Read full definitionIn cryptocurrency, a swap is the direct exchange of one token for another on a blockchain, often via decentralized exchanges (DEXs) without intermediaries.
Read full definitionEthereum is a decentralized blockchain platform that enables smart contracts and decentralized applications (dApps). Its native cryptocurrency is Ether (ETH).
Read full definitionDeFi (Decentralized Finance) refers to a set of financial services, such as lending and trading, built on blockchain technology without traditional intermediaries like banks.
Read full definitionAn NFT (Non-Fungible Token) is a unique digital asset stored on a blockchain, representing ownership of a specific item, such as artwork, music, or virtual goods.
Read full definitionMempool, short for memory pool, is a node's temporary storage for unconfirmed cryptocurrency transactions awaiting validation and inclusion in a blockchain block.
Read full definitionCoinJoin is a privacy technique in cryptocurrency where multiple users combine their transactions, making it harder to trace individual senders and receivers.
Read full definitionReady to Choose a Secure Wallet?
Use our tools to find the right hardware wallet for your needs.