Crypto dust: how to not accidentally become a criminal

We continue to break down new concepts that are advisable for cryptocurrency newcomers to know. This time, we will discuss the concept of crypto dust and why unknown incoming payments to your address can be potentially dangerous.

What is dust?

Let’s first clarify that there are two understandings of the term “crypto dust.”

In its original meaning, the term “dust” means a very small fraction of a coin or token. Dust is usually considered to be a couple of hundred satoshis. After a series of outgoing transactions, your wallet may have a tiny amount of tokens left, in thousands of fractions. This is typically how dust forms naturally. It is often impossible to do anything with this residue because the price of a transaction in the network can exceed the minimum.

• The Bitcoin community defines dust as “any residue that is lower than the fee for a standard transaction on the network”, this leads to the concept of limiting dust. You may have also noticed that after an exchange sells or exchanges coins, there is often a small unspent portion of the original coin. By analogy, this is called exchange dust. I think it pisses everybody off, but, in the case of Binance, for example, it can be converted to BNB. On a normal wallet, this dust will most likely stay forever.
• However, there is a second variant of using dust. An origin that is not natural, as described above, but is created maliciously. This variant of using dust is often called a dust attack. We will talk about this variant in detail, using Bitcoin as an example.

Why is this done? There are two popular reasons for dusting attacks:

1. Surveillance and de-anonymization

A Dusting Attack is a new kind of malicious action where hackers or fraudsters send a very small fraction of a coin to other people’s wallets. Sending such small sums costs almost nothing, and the recipient has no way of refusing to receive said dust. Subsequently, it is used for malicious purposes.

Typically, the goal of hackers is to link addresses and wallets to relevant companies or individuals. If successful, attackers can use this information against the victims for elaborate phishing attacks or cyber-extortion threats. In other words, in this variant of the attack, slipping their dust into your public wallet balance allows for better tracking.

In late October 2018, Samourai Wallet developers announced that some of their users had been exposed to Dusting attacks. The Samourai Wallet team implemented a real-time alert to track Dusting, as well as a “Do Not Spend” feature that allows users to flag suspicious funds and not include them in future transactions.

Despite the dust limit of 546 satoshis, many dust attacks today transfer between 1,000 and 5,000 satoshis. So, receiving any unknown micro-transaction in your wallet is a reason to be wary. It doesn’t mean that you will be hacked or that your anonymity will be broken, but it does mean that somebody is at least interested in your identity.

However, most owners of BTC and other cryptocurrencies will probably not be able to tell you how much of it they have with perfect accuracy, so they can easily fall victim to such scammers. The appearance of micro-dust will not change the value of your balance in any way. It often rounds to an acceptable value, so you most likely will not notice a thing.

The most vulnerable to dust attacks are cryptocurrencies that apply the unspent transaction balance (UTXO) model, such as Bitcoin. This is because they create a new address for each change from a transaction, and the presence of dust is like a tag to keep track of that change every time (without that tag, there would be an anonymizing effect). In addition to spying on PoW networks, networks like Ethereum can be even more tricky variants of the dust attack through smart contracts.

This is how it is described in Wiki:

Attackers send a token to the target wallet via a fake airdrop. When the victim attempts to cash out the token, the sender is able to access the whole wallet through the smart contract attached to the poisoned token.

2. Poisoning the balance and compromising your reputation

I don’t know if you realize it, but these days, a huge number of near-government services are constantly monitoring blockchains for transactions with a criminal trail. Centralized exchanges are often connected to such databases and are closely monitored to make sure that cryptos with criminal origins do not get into their exchanges. As of 2023, these controls, though barely noticeable to the average person, are highly developed and are constantly running in the background.

Now imagine that an intruder poisons your wallet by making a micro-transfer of previously stolen money. Most likely, this would be enough to have your entire amount now classified by all the databases as having a connection to the criminal trail from whence the dust came. Robots just automatically create associative chains of all criminal transactions, and here is one of them now pointing to you!

For example, in 2022, when the US government declared Tornado Cash mixer illegal, a certain anonymous user appeared and started sending micro amounts in ETH to the wallets of popular people in the US crypto community. Among them were: Coinbase CEO Brian Armstrong, radio host Jimmy Fallon, and popular YouTubers Logan Paul and Randy Zuckerberg. It is not known exactly how it ended up at the time, but for ordinary people, this kind of anonymity entertainment very likely promises to land them in specialized databases. 

This situation of the mass dusting of funds passed through Tornado Cash was repeated many times afterward. TheBlock, which investigated the dusting cases, also concluded that such dust-poisoned funds might eventually be frozen when they get to CEX.

This is how an attacker can easily make you an accomplice to some online crime, even without your knowledge (for extortion, revenge, or just for fun).

Conclusion

In the end, I would like to calm you down. Dust attacks are a fairly rare criminal use of crypto dust. Cryptocurrency holders usually do not possess a lot of it, and for the sent dust, attackers still have to pay transaction fees, which have been increasing in recent years. It is also important to understand that if you do receive such dust and no further transactions are made by you, it is impossible to trace anything.

Sometimes, sending crypto-dust to your address is absolutely harmless and can even be beneficial. For example, developers may send out dust to check the operation of their hardware or updates. Also, sending “dust” to wallets is sometimes done for promotional purposes to attract more people to the cryptocurrency or another project.

Nevertheless, the main message of this article is that, in the crypto world, any unknown incoming payments to your wallet should make you wary. Hopefully, this article will raise the necessary awareness about this type of potential danger.