You may or may not have heard the phrase “dusting attack,” but if you have holdings in crypto – you need to understand and be wary of them. Dusting attacks are proactive reconnaissance maneuvers that are typically conducted against thousands or hundreds of thousands of digital wallets at one time by scammers or hackers, who are trying to tease out and identify wallet owners. What the attackers do is scan blockchains for a large number of public addresses over a specific time period with large transactions of a specific cryptocurrency they’re targeting.
At which point, they typically send a very small, almost imperceptible amount of the target crypto to all the target addresses – the tiny amount of crypto is so small that it’s referred to as “dust” – hence the name dusting attack. Then they wait and watch for blockchain transactions involving the dust. Since a single digital wallet with a private key can issue various public keys as a preemptive safety measure to confuse hackers, the attackers use analytic monitoring software to alert whenever they see dust deposits consolidated and moved to another exchange, wallet, or address.
Wallet owners might mistake the dust deposits as interest earned on their holdings, an airdrop, freebie from an exchange, or any number of other possibilities. Either the wallet owners proactively consolidate the fractional cryptos or the wallets do it automatically, which then links tiny dust deposits together. That action gets caught in the scammers’ digital dragnet, triggering the next phase of heavy duty malicious programming being used to re-identify the pseudonymous wallet owner. Once hackers know the identity of the wallet owner, the “black hats” can deploy their typical tradecraft of direct/indirect theft, blackmail, ransomware, or extortion.
This past weekend a suspected dusting attack occurred within the largest crypto-sub group on Reddit, here’s a screenshot of the post describing what happened.
Possible signs you’ve been attacked
What to do if you’re attacked
If you confirm any of the signs above or believe you’ve been a target of a dusting attack, here’s what you need to do:
- Contact your wallet provider as soon as possible with any relevant details you have. They will most likely require that you create a new wallet and move your digital funds to a new address.
- Be certain that the dust deposits are isolated and NOT combined with your funds or moved to the newly created wallet.
- Don’t take these steps on your own – be sure to cooperate with your wallet provider regarding best practices to guarantee the new wallet is set up properly and your new private keys are secure.
On The Flipside
- Don’t let greed, the desire for instant wealth, and “fear of missing out” cloud your judgement.
- Investing in crypto – just as with any other asset class requires independent research. Only consider solid projects that have strong use cases, proven leadership, an ongoing development roadmap, and a demonstrated track record of performance.
- To be on the safe side, avoid all unsolicited airdrops, promotions to double your deposit, or any other offer that sounds too good to be true.
Why You Should Care?
Hackers continue to devise new ways to separate you from your funds. Whether fiat or crypto, diligence and common sense are necessary to protect your savings and investments.
EMAIL NEWSLETTER
Join to get the flipside of crypto
Upgrade your inbox and get our DailyCoin editors’ picks 1x a week delivered straight to your inbox.
[contact-form-7] You can always unsubscribe with just 1 click.