InWara - ICO Database, ICO review, Security tokens and more

InWara research: What’s a dusting attack? And how to maintain your anonymity

What's a dusitng attack

 

Cryptocurrencies enable you to transfer money in anonymously right? That’s one of the core reasons why Bitcoin gained its traction during its incipient stages. But what if that anonymity is under attack now?

In this article, we’ll dive into what are “dusting attacks” and how this cyberattack is a threat to your anonymity. We’ll also look into how you can prevent a “dusting attack”

Dusting attack is a relatively new kind of cyberattack where the hackers can compromise the anonymity of Cryptocurrency hodlers through a process. What’s the process? The hackers send a few Satoshi’s (the basic unit of cryptocurrencies) to multiple Digital wallets. And then track the transactional activity of these wallets in an attempt to figure out which ones belong to the same user. 

So why is it called a dusting attack?

The few Satoshis sent by hackers is also known as dust. In the crypto space, “Dust” refers to an almost negligible amount of coins that get stuck in a digital wallet after a trade order is executed. Hackers send such an almost negligible amount of Satoshi to users’ wallet, the change is so minuscule, often people don’t see it. The Bitcoin Core describes dust as any transaction output that is lower than the cost of making that transaction.

Once a hacker has “dusted” multiple wallets, and the user has unknowingly spent the dust. Once this is done, hackers employ complex analysis techniques of the multiple addresses in an attempt to figure out which

addresses belong to the same wallet.

History of Dusting attacks

In October 2018, the team behind the open-source Bitcoin wallet “Samurai wallet” sent out a tweet warning it’s users that some wallets were under dusting attacks. The Samurai team later rolled out a “Do not spend” feature that lets users mark suspicious funds, on top of adding a real-time tracking feature for dust funds.

In August 2019, the largest cryptocurrency exchange in the world, Binance tweeted that a large scale dusting attack was picked up on its Litecoin users wallets. This attack affected nearly 3,00,000 addresses, according to an analysis by Glassnode

Litecoin is the 5th largest cryptocurrency by market cap at a whopping $4.5 billion.

What's a dusting attack

InWara’s Market Intelligence Platform

 

Like the charts? You'll love our platform Get started

 

How Dusting could de-anonymous you

There are a couple of reasons why Bitcoin gained initial traction among its adopters. Firstly, it solved the problem of “Double spending” in a decentralized fashion, unlike any digital currency before it.

Secondly, the inherently private nature of Bitcoin (thanks to cryptography techniques) meant anonymous transactions could be made. As anyone can create a wallet and join the network without providing any personal information.

But there’s a caveat, while peer-to-peer transactions are mostly anonymous. The same can’t be said when buying crypto from exchanges like Binance. As most exchanges collect the personal details of its users for KYC verification. Data stored on exchanges is a weak-link that a hacker can exploit. 

In early August 2019, a hacker claimed he had access to the KYC information of at least 60,000 individual users of Binance, the world’s largest cryptocurrency exchange by trading volume. According to a report by Coindesk. Binance has also been hacked several times before, the latest event witnessed almost $40 million in funds being swindled away.

This just shows the vulnerability of exchanges to cyberattacks. So what can be done? Centralized exchanges have become an integral part of the crypto ecosystem, there’s no getting rid of them. 


How to prevent dusting attacks

A hacker can only track your dusted coins if you move them. Hence it’s critical you don’t move them. Using a different wallet address each time you move funds will throw off the hackers at the analysis section, as they are unable to connect the wallet addresses. 

As I mentioned earlier, the weakest link in the process are Digital Wallets. Hackers employ a variety of techniques like Phishing attacks, to steal your private keys or other sensitive information. Using a good antivirus software, and using a VPN can help. Going a step further, storing your private keys in encrypted folders is also a good option.

Could decentralized exchanges be the solution? Decentralized exchanges (DEX) are mostly peer-to-peer platforms that enable the direct transfer of crypto. Eliminating the need of a centralized authority. There are several DEX’s already in existence, none of them match in scale or trading volume with CEX’s.

Final thoughts — On top of the preventive measures mentioned earlier, using Privacy coins like Monero and Zcash are by far the best option. Why? Because these are cryptocurrencies that are designed to conceal a users information such as ender’s address, the receiver’s address, and the transaction amount. This makes it nearly impossible for hackers to carry out dusting attacks.

Want to learn more about privacy coins? Check out our Monero Vs Zcash article.

 

Register for a free trial

The Most Trusted

Market Intelligence Platform

Get Started