Bitcoin Forum
March 28, 2024, 09:02:24 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 »  All
  Print  
Author Topic: Dust Attack, what it is, why it is dangerous and how to prevent falling to it  (Read 1940 times)
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 13, 2019, 06:03:48 PM
Last edit: January 03, 2021, 10:44:20 AM by fillippone
Merited by Welsh (10), joniboini (6), suchmoon (4), El duderino_ (4), dbshck (4), vapourminer (2), o_solo_miner (2), DdmrDdmr (2), 1miau (2), PrivacyG (2), Hueristic (1), JayJuanGee (1), pooya87 (1), Quickseller (1), tranthidung (1), OcTradism (1), protrader786 (1)
 #1

A few days ago I read this news, that got my attention:


LITECOIN WALLETS HIT BY LARGE-SCALE DUSTING ATTACK, SO WHAT IS IT?

Here you can find a couple of paragraph:
Quote
Reports are emerging that Litecoin wallets have been hit by a new kind of cyber-attack called dusting. It has not affected LTC markets but is something that crypto traders and holders should be aware of. Binance Academy offered an explanation.

Quote
In short, a dusting attack is when scammers attempt to break the privacy of a cryptocurrency, Litecoin in this case, by sending tiny amounts of it to private wallets. The attackers then attempt to trace the transactional activity of these wallets in an attempt to discover the identity of the person that owns them.

The term ‘dust’ refers to the tiny fractions of crypto coins that most users ignore. A couple of hundred satoshis may be referred to as ‘dust’ as the sum is so tiny that most people would not even notice it. It is also prevalent on crypto exchanges as the remnants of transactions that remain in wallets and can no longer be used or transferred.

Dust therefore refers to those amounts of cryptocurrencies that cannot be transferred individually either or because their amount is less than the transaction fees of the blockchain, or because they are lower than the minimum transferable out of an exchange, thus remaining blocked in the portfolio of the account at a specific exchange.


Here you can find an video from  Binance Academy that explains what a Dust Attack is:

What Is a Dusting Attack?

This technique is also used on Bitcoin, so try to be careful when you receive Satoshi without knowing where they are coming from.

Why is dust attack dangerous? What is the use of sending satoshi to trace transactions if the transactions are actually public?

Well the explanations can be multiple:

  • The attacker sends satoshi to a used address, with a positive balance. A curious mechanism, in reality, the attacker does not get any advantage, given that the movements of the address could also be monitored previously. The only advantage could be to "accustom" the user to receive funds on an address, thus making it less prudent in the real dust attack.
  • The attacker sends satoshi to a used but empty address. The receiver then aggregates those satoshis to a new address by making a payment. At that point, the old address and the new one are "linked" and the attacker can, with methods of chain analysis, try to trace your identity, having discovered, however, that you also have control of the old address.
  • The attacker sets up a bitcoin faucet (or a bitcoin fork - do you remember United Bitcoin?), where it is possible to get some satoshi upon registration with an email. At that point, if you combine those satoshis with your main address, well, the attacker has extra starting data to identify you (an email, even if fake, provides a lot of information, for example, a connection IP).
  • Extremizing: an exchange that offers you $ 30 to register, after KYC, is practically performing a dust attack. Except that in that case, using the chain analysis company you just bought, you can perform a very efficient tracking of your UTXOs. Do you think this is an impossible scenario? it already happened.
  • Exaggerating 2: an exchange (the same as the previous point) offers you $ 80 in shitcoins by answering easy videos and questions, after KYC, is practically performing a dust attack. Except that in that case, using the chain analysis company you just bought, you can perform a very efficient tracking of your UTXOs. Do you think this is an impossible scenario? It is happening now.

So, what to do when you receive dust on your wallet?

Two cases:

  • Attacker sent you on a positive balance address: there's nothing much you can do about that. The address is public, the balance is public, having dust on such address is not something you can control. Spending this dust does not pose any additional threat than moving your coins on that address. You can consolidate those coins and keep with your usual life.
  • Attacker sent you on a zero balance address: this is a proper dust attack. The address is public, but it is not possible to link to your current address. Spending this together with your coins poses a privacy risk. The attacker doesn't know anything about your current address, if you spend the two UTXO together they are able to link them.
    For this reason, you have to use Coin Control feature: clearly mark that dust UTXO as "do not spend" (many wallets allow for this, Wasabi being one of those) to that attacker cannot track you down.

Another example is the exchange airdrops made by our government-friendly exchange:

Let's work an example out.
They give you some Stellar Lumens, provided you see some videos.
Of course, you don't care about XLM's, so once you get them you sell them immediately for BTC.
Since you are an advanced BTC user, you know that "not your keys, not your Bitcoin", so you get your BTC and withdraw them in your private wallet.
You forget for a few weeks.
Two months later, taking advantage of the empty mempool, you decide to consolidate your addresses into one. You then put those few satoshis together with your 100 BTC you bought back in 2010.
Well, now the shrewd chain analytics company is able to understand that even the 100 BTC are yours.
The chain analytics company sells the information to the tax authorities, and you're screwed.
Or sell it to a criminal organization, and you're even more screwed.

How to defend yourself:
Two tips immediately come to mind:
  • Keep the "KYC" and "anonymous" addresses absolutely separate, many wallets allow different UTXOs to be marked with different labels: use this option!
  • If you really need to consolidate the addresses, before doing so, let them go through a coinjoin. However, having an anonymous set is not perfect, but at least you don't have an obvious link to your address.
As usual, I will try to update this thread by completing it with better information and examples as they become available.
I look forward to your comments!

EDIT:
Other reads:
Beware the Dusting Attack

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
1711659744
Hero Member
*
Offline Offline

Posts: 1711659744

View Profile Personal Message (Offline)

Ignore
1711659744
Reply with quote  #2

1711659744
Report to moderator
1711659744
Hero Member
*
Offline Offline

Posts: 1711659744

View Profile Personal Message (Offline)

Ignore
1711659744
Reply with quote  #2

1711659744
Report to moderator
"Bitcoin: mining our own business since 2009" -- Pieter Wuille
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711659744
Hero Member
*
Offline Offline

Posts: 1711659744

View Profile Personal Message (Offline)

Ignore
1711659744
Reply with quote  #2

1711659744
Report to moderator
1711659744
Hero Member
*
Offline Offline

Posts: 1711659744

View Profile Personal Message (Offline)

Ignore
1711659744
Reply with quote  #2

1711659744
Report to moderator
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 15, 2019, 10:12:38 PM
 #2

An update on the Binance Dust Attack

LTC Dusting Attack on Binance Affected Nearly 300,000 Addresses: Report

Quote
The recent dusting attack against fourth-biggest altcoin Litecoin (LTC) on major cryptocurrency exchange Binance affected 294,582 addresses rather than the 50 Binance reported, according to a recent metrics report.
Blockchain data and metrics firm Glassnode revealed its latest findings in a tweet on Aug. 15, saying that the LTC dusting attack affected 294,582 addresses. The analysis ostensibly also indicated a similar scale attack in April.



Of course the given explanation is pretty ridicule.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
hatshepsut93
Legendary
*
Offline Offline

Activity: 2926
Merit: 2126



View Profile
August 15, 2019, 11:51:57 PM
Merited by joniboini (2), DdmrDdmr (1)
 #3

Maybe this dusting is more of a spam attack, it creates new unspent outputs that are more expensive to move than they are worth, so it can make people overpay fees when they don't keep track of what input they use. This raises a question - are wallets these days smart enough to recognize some inputs as dust that is inefficient to move at the current fee, or would they mindlessly include it in transactions?

.BEST.CHANGE..███████████████
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
██
███████████████
..BUY/ SELL CRYPTO..
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2268
Merit: 10637


There are lies, damned lies and statistics. MTwain


View Profile WWW
August 16, 2019, 08:33:38 AM
 #4

A person at Binance Academy now suggest that it was not a dusting attact per se in intent (although not discardable), but rather an attempt to promote a specific mining pool based in Russia:

Quote
“The person behind the dusting attack owns a mining pool based out of Russia, EMCD[dot]io. They reached out to express that their intent was to advertise their mining pool to the users of Litecoin, however, it's unclear from our perspective or anyone else's as to whether there were alternative motives. The owner of the pool was not aware that he was subjecting all these users to a dusting attack and spreading fear among the Litecoin community.
“It's interesting to note, that even if this was not the intent of the mining pool owner, he provided a base for malicious actors to analyze. You see, the person responsible for conducting the dusting attack doesn't necessarily have to be the one collecting the data, they can just merely be providing a service so that someone else can collect all the information and analyze it at a later date.”

See: https://cointelegraph.com/news/understanding-litecoins-dusting-attack-what-happened-and-why

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 16, 2019, 08:43:52 AM
 #5

<SNIP>


Yes, that article expand what it was posted in the previous article I linked this morning.
And still, this explanation (the guy promoting his own mining pool) seems ridicule to me.
But I might be missing something here.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2268
Merit: 10637


There are lies, damned lies and statistics. MTwain


View Profile WWW
August 16, 2019, 08:49:39 AM
 #6

<…> And still, this explanation (the guy promoting his own mining pool) seems ridicule to me. <…>
Not really. A dusting attack is what it is, and that is what you’ve explained in this thread. The specific Litecoin recent alleged attack, as with many other news published, evolves overtime, and what media promptly affirm one day may have a different edge on the following. In any case, the article pointing to it being a promotion stunt cannot discard ulterior motives.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 16, 2019, 08:55:49 AM
 #7

<…> And still, this explanation (the guy promoting his own mining pool) seems ridicule to me. <…>
Not really. A dusting attack is what it is, and that is what you’ve explained in this thread. The specific Litecoin recent alleged attack, as with many other news published, evolves overtime, and what media promptly affirm one day may have a different edge on the following. In any case, the article pointing to it being a promotion stunt cannot discard ulterior motives.

My point is: as a promotion stunt, I see this move pretty lame: I would actually stay well away from someone putting user's privacy at risk with such a unrequested move.
So I think there are other "reasoning" behind these actions.
And also agreed this news evolved from the strict notion of "dust attack".

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
bitmover
Legendary
*
Offline Offline

Activity: 2254
Merit: 5836


bitcoindata.science


View Profile WWW
August 16, 2019, 11:22:22 AM
 #8

It is also prevalent on crypto exchanges as the remnants of transactions that remain in wallets and can no longer be user or transferred.

This statement makes no sense to me. Maybe am I missing something?

The guy who sent the dust is watching. But the remaining balance he could be watching anyway, even if he didn't send any dust to the address.

If you don't use the remaining balance with other addresses in the same transaction you are just fine imo. Any thoughts?

.
.BLACKJACK ♠ FUN.
█████████
██████████████
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
████████████████
░██████████████
████████████
███████████████░██
██████████
CRYPTO CASINO &
SPORTS BETTING
▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
█████████
.
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 16, 2019, 11:26:43 AM
 #9

It is also prevalent on crypto exchanges as the remnants of transactions that remain in wallets and can no longer be user or transferred.

This statement makes no sense to me. Maybe am I missing something?

This statement refers to the fact we call "dust" also the change you leave on the exchanges (offchain dust) after you change your shitcoin into bitcoin. When you convert your BPA (BitcoinPizza) into BTC and you are left with 0.432 BPA and the minimum fees to transfer it is 0.5 PBA, then your change is basically lost (now some exchange offer ways to clean that thou), and then referred as "dust"

Quote
The guy who sent the dust is watching. But the remaining balance he could be watching anyway, even if he didn't send any dust to the address.

If you don't use the remaining balance with other addresses in the same transaction you are just fine imo. Any thoughts?
Exactly, this was more or less analysed in the OP message.


..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Quickseller
Copper Member
Legendary
*
Offline Offline

Activity: 2870
Merit: 2298


View Profile
August 18, 2019, 05:32:54 AM
 #10

A person at Binance Academy now suggest that it was not a dusting attact per se in intent (although not discardable), but rather an attempt to promote a specific mining pool based in Russia:

Quote
“The person behind the dusting attack owns a mining pool based out of Russia, EMCD[dot]io. They reached out to express that their intent was to advertise their mining pool to the users of Litecoin, however, it's unclear from our perspective or anyone else's as to whether there were alternative motives. The owner of the pool was not aware that he was subjecting all these users to a dusting attack and spreading fear among the Litecoin community.
“It's interesting to note, that even if this was not the intent of the mining pool owner, he provided a base for malicious actors to analyze. You see, the person responsible for conducting the dusting attack doesn't necessarily have to be the one collecting the data, they can just merely be providing a service so that someone else can collect all the information and analyze it at a later date.”

See: https://cointelegraph.com/news/understanding-litecoins-dusting-attack-what-happened-and-why

The intent of the person sending and funding the transactions doesn’t matter. Anyone looking after the fact can potentially break your privacy.

It is also possible the stated reason is cover for his true intentions.
DdmrDdmr
Legendary
*
Offline Offline

Activity: 2268
Merit: 10637


There are lies, damned lies and statistics. MTwain


View Profile WWW
August 18, 2019, 01:29:29 PM
 #11

<…>
I know. That is the alleged reason, and the possibility of exploiting the action, regardless of the intention, is covered in the quoted text itself where it states:
Quote
It's interesting to note, that even if this was not the intent of the mining pool owner, he provided a base for malicious actors to analyze.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Hueristic
Legendary
*
Offline Offline

Activity: 3766
Merit: 4824


Doomed to see the future and unable to prevent it


View Profile
August 22, 2019, 12:59:26 AM
 #12

So basically a dusting attack and then a "don't worry it was not an attack" response to lull the victims into not protecting themselves?

“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
August 22, 2019, 04:09:55 PM
 #13

So basically a dusting attack and then a "don't worry it was not an attack" response to lull the victims into not protecting themselves?

Social engineering is a good part of any attack.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Hueristic
Legendary
*
Offline Offline

Activity: 3766
Merit: 4824


Doomed to see the future and unable to prevent it


View Profile
August 22, 2019, 04:18:04 PM
 #14

So basically a dusting attack and then a "don't worry it was not an attack" response to lull the victims into not protecting themselves?

Social engineering is a good part of any attack.

True that, i had an idiot hand me a thumb drive to put something on for him that he found on the ground. Damn thats the oldest trick in the book.

“Bad men need nothing more to compass their ends, than that good men should look on and do nothing.”
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
September 16, 2019, 11:52:17 AM
 #15

So basically a dusting attack and then a "don't worry it was not an attack" response to lull the victims into not protecting themselves?

Social engineering is a good part of any attack.

True that, i had an idiot hand me a thumb drive to put something on for him that he found on the ground. Damn thats the oldest trick in the book.

Form an attacker point of view, the more a system is cryptographically secure, robust and offering minimum attack surface, the more concentrating on social engineering, human stupidity/complacency has an elevated payoff.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Ann1989
Jr. Member
*
Offline Offline

Activity: 38
Merit: 10


View Profile
December 05, 2019, 02:52:01 AM
Merited by JayJuanGee (1)
 #16

A few days agor I read this news, that got my attention:


LITECOIN WALLETS HIT BY LARGE-SCALE DUSTING ATTACK, SO WHAT IS IT?

Here you can find a couple of paragraph:
Quote
Reports are emerging that Litecoin wallets have been hit by a new kind of cyber-attack called dusting. It has not affected LTC markets but is something that crypto traders and holders should be aware of. Binance Academy offered an explanation.

Quote
In short, a dusting attack is when scammers attempt to break the privacy of a cryptocurrency, Litecoin in this case, by sending tiny amounts of it to private wallets. The attackers then attempt to trace the transactional activity of these wallets in an attempt to discover the identity of the person that owns them.

The term ‘dust’ refers to the tiny fractions of crypto coins that most users ignore. A couple of hundred satoshis may be referred to as ‘dust’ as the sum is so tiny that most people would not even notice it. It is also prevalent on crypto exchanges as the remnants of transactions that remain in wallets and can no longer be user or transferred.

Dust therefore refers to those amounts of cryptocurrencies that cannot be transferred individually either or because their amount is less than the transaction fees of the blockchain, or because they are lower than the minimum transferable out of an exchange, thus remaining blocked in the portfolio of the account at a specific exchange.


Here you can find an video from  Binance Academy that explains what a Dust Attack is:

What Is a Dusting Attack?

This technique is also used on Bitcoin, so try to be careful when you receive Satoshi without knowing where they are coming from.

Why is dust attack dangerous? What is the use of sending satoshi to trace transactions if the transactions are actually public?

Well the explanations can be multiple:

  • The attacker sends satoshi to a used address, with a positive balance. Curious mechanism, in reality the attacker does not get any advantage, given that the movements of the address could also be monitored previously. The only advantage could be to "accustom" the user to receive funds on an address, thus making it less prudent in the real dust attack.
  • The attacker sends satoshi to a used but empty address. The receiver then aggregates those satoshi to a new address by making a payment. At that point the old address and the new one are "linked" and the attacker can, with methods of chain analysis, try to trace your identity, having discovered, however, that you also have control of the old address.
  • The attacker sets up a bitcoin faucet (or a bitcoin fork - do you remember United Bitcoin?), where it is possible to get some satoshi upon registration with an email. At that point, if you combine those satoshi with your main address, well, the attacker has extra starting data to identify you (an email, even if fake, provides a lot of information, for example a connection IP).
  • Extremizing: an exchange that offers you $ 30 to register, after KYC, is practically performing a dust attack. Except that in that case, using the chain analysis company you just bought, you can perform a very efficient tracking of your UTXOs. Do you think this is an impossible scenario? it already happened.
  • Exaggerating 2: an exchange (the same as the previous point) offers you $ 80 in shitcoins by answering easy videos and questions, after KYC, is practically performing a dust attack. Except that in that case, using the chain analysis company you just bought, you can perform a very efficient tracking of your UTXOs. Do you think this is an impossible scenario? It is happening now.

So, what to do when you receive dust on your wallet?

Two cases:

  • Attacker sent you on a positive balance address: there's nothing much you can do about that. The address is public, the balance is public, having dust on such address is not something you can control. Spending this dust does not pose any additional threat than moving your coins on that address. You can consolidate those coins and keep with your usual life.
  • Attacker sent you on a zero balance address: this is a proper dust attack. The address is public, built it is not possible to link to your current address. Spending this together with your coins poses a privacy risks. The attacker doesn't know anything about your current address, if you spend the two UTXO together they are able to link them.
    For this reason you have to use Coin Control feature: clearly mark that dust UTXO as "do not spend" (many wallet allow for this, Wasabi being one of those) to that attacker cannot track you down.

Another example is the exchange airdop made by our government friendly exchange:

Let's work an example out.
They give you some Stellar Lumens, provided you see some videos.
Of course you don't care about XLM's, so once you get them you sell them immediately for BTC.
Since you are an advanced BTC user, you know that "not your keys not your Bitcoin", so you get your BTC and witdraw them  in your private wallet.
You froget it for a few weeks.
Two months later, taking advantage of the empty mempool, you decide to consolidate your addresses into one. You then put those few satoshi together with your 100 BTC you bought back in 2010.
Well, now the shrewd chain analytics company is able to understand that even the 100 BTC are yours.
The chain analytics company sells the information to the tax authorities, and you're screwed.
Or sell it to a criminal organization, and you're even more screwed.

How to defend yourself:
Two tips immediately come to mind:
  • Keep the "kyc" and "anonymous" addresses absolutely separate, many wallets allow different UTXOs to be marked with different labels: use this option!
  • If you really need to consolidate the addresses, before doing so, let them go through a coinjoin. However, having an anonymous set is not perfect, but at least you don't have an obvious link to your address.
As usual I will try to update this thread by completing it with better information and examples as they become available.
I look forward to your comments!
This is nice. There's another article you could maybe use to add to this information - https://medium.com/cobo-vault/everything-you-need-to-know-about-the-dusting-attack-f0151f5a8843
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10434



View Profile
December 05, 2019, 05:40:02 AM
 #17

Quote
The attacker sends satoshi to a used but empty address. The receiver then aggregates those satoshi to a new address by making a payment. At that point the old address and the new one are "linked" and the attacker can, with methods of chain analysis, try to trace your identity, having discovered, however, that you also have control of the old address.

this bold part is misleading because nobody can "trace your identity" this way, specially not by using blockchain analysis alone. all they can do is linking the different addresses if they weren't linked before only when the user consolidates the inputs in one transaction. and an address is not revealing the identity of the user on its own.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
December 05, 2019, 07:29:48 AM
 #18

<...>
This is nice.
<...>
Please, learn to quote responsibly.
It's not necessary to include the whole original text if you are replying to the thread without a specific quote reference.

I might suggest you two threads to help you familiarize with such topics:



Quote
The attacker sends satoshi to a used but empty address. The receiver then aggregates those satoshi to a new address by making a payment. At that point the old address and the new one are "linked" and the attacker can, with methods of chain analysis, try to trace your identity, having discovered, however, that you also have control of the old address.

this bold part is misleading because nobody can "trace your identity" this way, specially not by using blockchain analysis alone. all they can do is linking the different addresses if they weren't linked before only when the user consolidates the inputs in one transaction. and an address is not revealing the identity of the user on its own.

Bitcoin it is not an anonymous protocol, but a pseudonymous. If an exchange gives you a few satoshi and you consolidate those with your bitcoin stash, they are perfectly able to link your KYC'd addresses to the pseudonymous one. Same thing if they send dust to an empty address and if you send to a KYC'd address (or an address "touched" with a KYC'd one). This is what the sentence ion bold meant.
Please remember that this is not fantasy: Coinbase buying Neutrino (chain analysis company) AND giving out satoshis (https://www.coinbase.com/earn) is the reality.



..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
pooya87
Legendary
*
Offline Offline

Activity: 3402
Merit: 10434



View Profile
December 05, 2019, 01:50:37 PM
 #19

this bold part is misleading because nobody can "trace your identity" this way, specially not by using blockchain analysis alone. all they can do is linking the different addresses if they weren't linked before only when the user consolidates the inputs in one transaction. and an address is not revealing the identity of the user on its own.

Bitcoin it is not an anonymous protocol, but a pseudonymous. If an exchange gives you a few satoshi and you consolidate those with your bitcoin stash, they are perfectly able to link your KYC'd addresses to the pseudonymous one. Same thing if they send dust to an empty address and if you send to a KYC'd address (or an address "touched" with a KYC'd one). This is what the sentence ion bold meant.

exactly my point.
they can not identify you by only using "dust attack" technique that you explained here. for example someone can have 2 addresses both not-linked to his identity. first one that is empty receives dust then he links it to the second one, there still is no way of linking these two to his identity. similarly the another person may have 2 addresses both linked to his identity, the empty one receives dust and he links it to the other one. no additional privacy was lost here.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
fillippone (OP)
Legendary
*
Offline Offline

Activity: 2114
Merit: 15180


Fully fledged Merit Cycler - Golden Feather 22-23


View Profile WWW
December 05, 2019, 02:05:44 PM
Last edit: December 05, 2019, 02:16:12 PM by fillippone
 #20

exactly my point.

Ok. So we do agree.
The misunderstanding comes from the fact that I define (as I think also all the link I surveyed) the dust attack as not only the sole act of sending dust to an address, but also the complex of following actions, that, if not properly monitored by the recipient of this attack, can lead to some loss of privacy.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Pages: [1] 2 3 4 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!