Crypto Dusting Attacks – How to Confirm Your Wallet is Affected

2/10/2023, 1:55:21 AM - Eddu Oz
Crypto Dusting Attacks – How to Confirm Your Wallet is Affected

What is a Dust?

A Dust in cryptocurrency is a small amount of token or coin that settles in your wallet balance. It is usually unverifiable, suspicious, and sometimes unnoticeable.  

When tokens or coins less than one Satoshi, i.e., the smallest unit of Bitcoin (0.00000001 BTC) settles, we may refer to a cluster of these Satoshis as dust.

What is a Crypto Dusting Attack?

When unverifiable small amounts of Satoshis or coins settle in your wallet balance, it’s not time to rejoice or assume you just earned interest or got paid for some mining activity.

A dusting attack is a large-scale attack on wallet addresses where small amounts of tokens or coins are sent to thousands or hundreds of thousands of wallets in order to de-anonymize them.

The attacker does this to trace the identities of the wallet owners and thereafter launch an extortion spree, blackmail, stealing, or some other form of hacking activity.

Dusting attacks first started with Bitcoin in 2018 with the leading wallet provider Samourai. When this happened, It notified its users via social media of possible infiltrations into their wallets.

Samourai advised its users not to spend from their balances and proactively placed a “Do Not Spend” alert on their wallets.

Dusting attacks are done on a large scale and across many wallet platforms. So if you eventually notice these tiny amounts in your wallet, you may not be the only one.

Dusting attack aims to de-anonymize the owners of the wallets and link them in a pool through a malicious program.

SEE ALSO: Cryptojacking Attacks – Clever Ways to Detect and Prevent it

Asides from Bitcoin which dusting attacks began with, Litecoin LTC, Binance BNB, Tron TRX witnessed dusting attacks afterward.

Dust attack mechanism leverages sending coins to multiple addresses, then the attacker monitors the movement of funds in the wallets to consolidate into one identity.

The attacker also exploits information from many other sources in trying to make an educated guess.

With respect to de-anonymizing the victims’ wallets, there are no guarantees.

Access may be granted when wallet owners spend out of their wallets especially when these dusts are consolidated into a single balance.

Below is an example of a dusting attack on multiple addresses.

dusting attacks - Crypto Dusting Attacks – How to Confirm Your Wallet is Affected
Source: Exodus Wallet

A typical dusting attack has one address on one side and multiple recipients on one side. The blue arrows indicate spent transactions.

If you’re holding Bitcoin or other cryptocurrencies, look out for these other signs of dusting attacks.

SEE ALSO: 3 Smart Ways the Police Can Crackdown Cryptocurrency Criminals

3 Signs You’ve Been Attacked

1. Small tokens (Dust) in your wallet

Unless you take snapshots of your wallet balance or you habitually write them down after each transaction, you may not notice when you’ve been attacked.  

The first sign is an unexplainable small amount of token in a wallet which may have gone unnoticed for a while.

One way to validate this is that the amount will be too small to use or pay for anything. Dusting attacks are large-scale and expensive, tokens are sent to multiple wallets.

If the user does not consolidate the unspent transactions (UTXOs) when he wants to spend out of his wallet, his data and anonymity should remain intact.

However, most digital wallets automatically consolidate all balances when a user initiates a transaction, so you need to check this out and trace through your transaction history to account for all funds received.

2. Unsolicited Bitcoin Emails

Victims of a dusting attack may not notice from the onset that tiny tokens have settled in their wallets.

A phishing email, online blackmail, or extortion would become the hacker’s next line of action.

Remember, that the objective of the hacker is to collect IP addresses, personal data and unlock the identities of the wallet owners. With this, they can launch a large-scale attack on their victims.

When you begin to receive these kind of emails, your wallet could be a source point for the breach of privacy and your need to act fast.

3. Links to a Malicious Website

In October 2020, a dusting attack was performed on Binance where tiny units of Binance tokens were sent to multiple wallets. After a user sends payment, they are enticed to click on a link on their transaction memo.

Dusting attacks - Crypto Dusting Attacks – How to Confirm Your Wallet is Affected

Avoid clicking any suspicious link and dust attack could be masked in any form.

SEE ALSO: How to Get Back Stolen Bitcoin from Cybercriminals

How to Confirm Your Wallet has been Affected

Export your wallet addresses to check if you were affected

Depending on your wallet provider, most wallets have a feature where you can export and see the list of all your addresses for a particular asset.

In this case, I’ll illustrate with the Exodus wallet.

To export, log in to your wallet dashboard and locate the addresses you want to export, and select export addresses.

Follow steps 1 – 4 on the dashboard to export addresses.

Exodus -  export wallet address

Your wallet addresses will be exported into a CSV spreadsheet file and downloaded on your desktop. Then analyze your addresses for any usual transactions.

Example 1One address with a dust

Dusting attacks

Example 2Two addresses with dust on both

Dusting attacks - Crypto Dusting Attacks – How to Confirm Your Wallet is Affected

Check your addresses on a block explorer like Blockchair

The Blockchair explores and analyzes transaction data, addresses, blocks, and embedded text data in a clear and easy-to-understand format.

To check for dust attacks, copy and paste your wallet address on the text bar and click the arrow button ⇒


A list of your assets and their balances will be displayed, then you can analyze them one after the other.

Blockchair - Crypto Dusting Attacks – How to Confirm Your Wallet is Affected

Click on each asset and analyze transaction details.


Isolate any unusual balance for further investigation. If you notice dusting attacks in form of tiny amounts of BTC or any other cryptocurrency, do not spend or consolidate the dust to your wallet balance.

SEE ALSO: How to Flee these 10 Bitcoin Scams Now!

What to Do When Affected

• Contact your wallet provider immediately and notify them about the new development. You most likely will be asked to create a new wallet and migrate all your funds to a new address.

• But be sure that the dust remains are not moved together with your funds to the new wallet.

• Avoid doing this in isolation, ask your wallet provider for guidance in the migration process to ensure your private keys are created and coins secured in your new wallet.

Read More