Topic: Dust attacks (Read 229 times)
I will never have enough smerits to thank you for all your infos! Thank you and have a good weekend
With the mobile version, it's only possible to freeze addresses which isn't exactly coin control since an address may have multiple UTXOs linked to it.
Mobile wallets are usually more limited. The "solution" is to only fund them with small amounts, and don't use funds that shouldn't be linked together. After all, when using a SPV wallet, the server already knows which addresses belong to the same wallet.Mobile Coinomi allows to freeze unspent outputs, which can be used as a (labor intensive) form of coin control.
Once you click on the three dot, you will see this:
If you click on coin control, you will be able to see the inputs (transaction received individually) and you will be able to freeze the inputs of your choice.
With dust attack, the attacker may be able to link your different addresses together. If one of the linked addresses is known to be owned by you, then the other linked addresses will be known to be owned by you too.
Or, you can fake this data: you could organize a huge coin join with dust transactions, linking many different wallets with different owners together on-chain.Ah yes, excellent !
With dust attack, the attacker may be able to link your different addresses together. If one of the linked addresses is known to be owned by you, then the other linked addresses will be known to be owned by you too.
Or, you can fake this data: you could organize a huge coin join with dust transactions, linking many different wallets with different owners together on-chain. 
Use HD wallets that make tracing difficult for these scammers, so that even when you get dusted, you still will not be under any kind of danger.
With using a HD wallet, you have multiple addresses and you are surely prone to dust attack if you don't be careful. For protecting yourself from dust attacks, you should use coin control. I'm not too sure how attackers can determine someone's identity through its btc address unless it is already known.
Right. With dust attack, the attacker may be able to link your different addresses together. If one of the linked addresses is known to be owned by you, then the other linked addresses will be known to be owned by you too.
I can't figure out if it's dangerous or not and, if so, what to do (or not to do).
Dust attacks are dangerous, they may not be dangerous at first, but when ignored they can pose a huge security risk to you in the future as your identity and details can be revealed to the people behind the attack via the dust attack. You may never know when you have been dusted, if you do not pay close attention to your Wallet and the transactions you receive. Use HD wallets that make tracing difficult for these scammers, so that even when you get dusted, you still will not be under any kind of danger.If your wallet receives a lot of transactions, be careful to ensure you always double check to be able to detect dust attacks.
Hello,
I'm not too sure how attackers can determine someone's identity through its btc address unless it is already known. But I guess these explanations are a bit too complicated for me to understand (I've read the threads on Trustwallet and co, already I have to digest these informations). I have to say that I don't venture into the us part of the forum, there is a lot of information to assimilate. Enough to learn a whole life!
I can't figure out if it's dangerous or not and, if so, what to do (or not to do).
Dust attacks are dangerous, they may not be dangerous at first, but when ignored they can pose a huge security risk to you in the future as your identity and details can be revealed to the people behind the attack via the dust attack. You may never know when you have been dusted, if you do not pay close attention to your Wallet and the transactions you receive. Use HD wallets that make tracing difficult for these scammers, so that even when you get dusted, you still will not be under any kind of danger.If your wallet receives a lot of transactions, be careful to ensure you always double check to be able to detect dust attacks.
I didn't know about this "coin control", it's well explained on the Trezor website, I guess it exists on all hardware wallets
If I'd have to guess, I'd guess there must be hardware wallets that don't support it. But when using a hardware wallet and connecting to the manufacturer's server, that server can link all your addresses already.With the mobile version, it's only possible to freeze addresses which isn't exactly coin control since an address may have multiple UTXOs linked to it.
Mobile wallets are usually more limited. The "solution" is to only fund them with small amounts, and don't use funds that shouldn't be linked together. After all, when using a SPV wallet, the server already knows which addresses belong to the same wallet.Mobile Coinomi allows to freeze unspent outputs, which can be used as a (labor intensive) form of coin control.
I didn't know about this "coin control", it's well explained on the Trezor website, I guess it exists on all hardware wallets, but there doesn't seem to be this possibility on hot wallets. Is this correct?
Not sure about other wallets but Electrum (desktop version) supports the coin control feature.From Coins tab, you can select which UTXOs (coins) to spend.
With the mobile version, it's only possible to freeze addresses which isn't exactly coin control since an address may have multiple UTXOs linked to it.
Here is a detailed guide on how to use coin control in Electrum:
https://bitcoinelectrum.com/how-to-spend-specific-utxos-in-electrum/
Optional: lock/freeze dust inputs in your wallet, so you don't accidentally send them.
I didn't know about this "coin control", it's well explained on the Trezor website, I guess it exists on all hardware wallets, but there doesn't seem to be this possibility on hot wallets. Is this correct?
https://trezor.io/learn/a/coin-control-in-trezor-suite
what to do (or not to do).
What to do: always use Coin Control and manually select which inputs to use.What not to do: don't include dust from the wrong address (for privacy), and don't include dust when it's not worth the fee to send it. When fees are higher than just a few sat/vbyte, adding a dust input increases the fee by more than it's own value. That's a waste of funds.
Optional: lock/freeze dust inputs in your wallet, so you don't accidentally send them.
I find the article from Binance Academy pretty efficient to give a good definition of dusting attacks :
They are not inherently dangerous regarding your funds, but can lead to losses if used as a subset of a long-prepared attack.
Dusting attacks make it easy to track your activity, and can be used as a "tracking device" to then attempt to infect your equipment with more dangerous attacks such as ransomware, cryptojacking etc.
I have the feeling that the BTC network has become too expensive for dusting attacks, but it is very common on BEP20 for example.
The best thing to do is to ignore them IMO
Quote
A dusting attack refers to a relatively new kind of malicious activity where hackers and scammers try and break the privacy of Bitcoin and cryptocurrency users by sending tiny amounts of coins to their wallets. The transactional activity of these wallets is then tracked down by the attackers, who perform a combined analysis of different addresses to deanonymize the person or company behind each wallet.
They are not inherently dangerous regarding your funds, but can lead to losses if used as a subset of a long-prepared attack.
Dusting attacks make it easy to track your activity, and can be used as a "tracking device" to then attempt to infect your equipment with more dangerous attacks such as ransomware, cryptojacking etc.
I have the feeling that the BTC network has become too expensive for dusting attacks, but it is very common on BEP20 for example.
The best thing to do is to ignore them IMO
I thought dust coins use the minimum sendable amount of bitcoin and if you try to send some of your other inputs would go in as transaction fees or change.
- Jay -
- Jay -
Not always, I have seen some come in as non trivial amounts, which is still pennies but if you get enough of them you can....still do nothing with it until BTC hits some really high number vs fiat. Even now if BTC goes up 10x from where it is now it's still under $1.00
What I think is odd, is the fact that I have some coins in cold storage that only have inbound tx and nothing else. And those have at times gotten dusted. So it's not like it's hard to trace, it's only one input you would have to follow.
Sometimes there are advertising or messages tagged to it, https://www.walletexplorer.com/txid/5bc44f106ae6bb52b87cdb61d8982fdf9076a29e952a49d4c86217483aba21c2
-Dave
It does not pose any security risk, at most it is a privacy risk. No one is going to break into your wallet by sending you dust bitcoins.
As Charles-Tim pointed out, if you receive the dust coins and create a transaction later with the dust as part of the inputs the attacker can link up all your addresses which has UTXOs in that transaction.
- Jay -
As Charles-Tim pointed out, if you receive the dust coins and create a transaction later with the dust as part of the inputs the attacker can link up all your addresses which has UTXOs in that transaction.
just use coin control to freeze the dust coin or sent the dust coins as donation to a charity address.
I thought dust coins use the minimum sendable amount of bitcoin and if you try to send some of your other inputs would go in as transaction fees or change.- Jay -
Dust amount (very small amount of coins that can be considered worthless) like 0.00001 BTC or less can be regarded as dust amount which are used with very small fee. The coins are sent to a specific address inorder to trace the transactions that would be made from the address. I do not know how dangerous the attack is, but if you see anything like that, just use coin control to freeze the dust coin or sent the dust coins as donation to a charity address.
Hello, I would like to understand better what dust attacks are: of course I've read a lot of tutorials about it but I can't figure out if it's dangerous or not and, if so, what to do (or not to do). Thanks
Jump to: