Dusting attacks are something that many in the crypto world may not have come across before, but the term was thrust into the limelight this weekend when Binance revealed that Litecoin users were being targeted with dusting attacks. What is a dusting attack, how does it work, and how can you protect against it? BitStarz News gives you the lowdown on this relatively new way in which hackers are trying to get their hands on your crypto.
Small Amounts Could Mean Big Hacks
‘Dust’ is the term used to describe the tiny amounts of cryptocurrency that are left over when users exchange one token for another. Normally these amounts are insignificant, being worth pennies if that, and most of us just ignore them, although dusting attacks mean that the dust in your wallet may not be as innocent as it seems. Scammers have realized that people tend to ignore the dust until it accumulates to a decent size when they either move or exchange it, and have started ‘dusting’ a large number of addresses by sending similarly small denominations of coins to them – so small that users can’t tell the difference. Next, the attackers analyze the various addresses they have dusted with the aim of eventually connecting the dusted addresses and wallets to their respective individuals or companies. The attackers may then use this knowledge against their targets, either through phishing attacks or cyber-extortion threats.
How to Prevent Against Dusting Attacks
An effective way of guarding against dusting attacks is to not move any dust you have in your various accounts. This all but eliminates an attacker’s ability to identify the wallet holder as it provides no link between the dusted wallets. If you’re in doubt, you could also check your ‘deposit’ history to see if any unsolicited funds have been added to your account. In order to preserve privacy, it is also best practice to use a new address for each transaction, a feature that exchanges like Coinbase provide automatically but is something that ERC20 wallets and the like cannot. Interestingly, it’s not just hackers that use dusting attacks to try and identify users, as some authorities have been known to use the method to detect activity they can use against citizens. The best rule of thumb is to do the opposite of what you should do in your home and leave the dust where it is.
