There are instances where crypto dust attacks are undertaken by malicious entities.
Why Hackers Use Crypto Dust
Hackers usually target wallets with significant crypto holdings so as to unmask the people behind them. They send out crypto dust to the targeted wallets and watch for final withdrawal addresses, which in many cases belong to the wallet owners. Withdrawal wallets usually belong to exchanges with stringent Know Your Customer (KYC) requirements; thus the wallet owner is revealed.
Once the identity is confirmed, hack attacks against the individual are launched. Social engineering campaigns are usually the first step in finding out vital information about the owner. The information includes emails and phone numbers.
More sophisticated attacks are then deployed to gain control of the emails and phone numbers. SIM swap schemes are, for example, used to gain control of the target’s phone numbers. The numbers are in turn used to unlock connected crypto wallets on exchanges. In some instances, phishing attacks are also used to take over emails and hot wallet addresses belonging to the victim.
Besides bad actors using crypto dust to deanonymize wallet owners, some government agencies such as taxation and law enforcement institutions regularly carry out dusting attacks to trace persons of interest. These are, in most cases, individuals involved in criminal operations, money laundering, and tax evasion schemes.
Another reason why dusting campaigns occur is for misdirection purposes. Just as email marketers bombard inboxes with spam messages, crypto dust can be used to distribute unsolicited notes.
In October last year, scammers launched a dust attack on the Binance Chain (BC). The malicious entities sent out insignificant BNB coins containing a note to users on the platform. The messages contained a link to a malicious website claiming to be giving away 50 BNB.
Binance was quick to warn its users about the scheme.
Crypto Dusting Solution
To mitigate dusting attacks, it is best to use a crypto wallet that isolates crypto dust and prevents the coins from being transferred. The Electrum wallet, for example, offers granular control over the consolidation of crypto dust.
Another solution implemented by a few wallet providers is to randomly generate new addresses after each transaction.