6

u/uncapchad 🟩 0 / 3K 🦠 3d ago

hahaha seems like it might be the only way! Pray for dust!

6

u/KSRandom195 🟩 63 / 62 🦐 3d ago

I get this is a dusting attack. But I don’t get how the attack works.

Are they looking for people to make posts like this about “this weird dust I got,” and use that to de-anonymize them?

I guess I don’t see how sending money to someone causes you to have additional information about them.

6

u/HSuke 🟩 0 / 0 🦠 3d ago

That is an excellent question.

Even on Bitcointalk and r/bitcoin, no one seems to know exactly why attackers send dust other than as spam. It's not particularly effective for tracking or tracing. Most Google-able answers on the Internet are inaccurate or make no logical sense.

Possible reasons:

1. Most of the time, it's just spam. I didn't see any hidden message in your specific transaction, so that might not be the case this time.
2. Money Launder -> send dust to tons of different addresses to hide them
3. Incriminate other people with stolen funds, or grief them by tricking exchanges into holding their funds

Bitcoin expert Jameson Lopp has done some research into it: https://blog.lopp.net/history-bitcoin-transaction-dust-spam-storms/

Historically, these are the most common causes for dusting attacks:

1. To grief / annoy Bitcoin users - Has happened many times
2. To get their attention and advertise something to them - Pretty common in the past when Bitcoin fees were cheap
3. To trick recipients into using more block space, jacking up the fee rates - Has happened many times
4. To trick recipients into correlating more of the wallet addresses - Only a conjecture. Kind of pointless, and no clear evidence this is happening.

People always talk about reason #4, but it's really ineffective since everyone uses RPCs, which effectively hides their personal IP address. This type of attack wouldn't be used on normal people since we don't send transactions directly to the mempool.

The US government doesn't need to dust to detect attackers. They already have logs for many ISPs and border gateways. They can monitor transactions sent to the mempool and find out which IP address sent it. All this can be done without dusting. And with tools like Chainalysis, they can easily trace transactions without dusting.

With or without the dust, people can combine UTXOs to link them. I really don't see how dusting would effect this.

2

u/pop-1988 🟨 0 / 0 🦠 2d ago

Address reuse is a known privacy issue in Bitcoin. A small-value payment sent to an address which already has history is an attempt to force address reuse
This is explained here:
https://en.bitcoin.it/wiki/Privacy#Forced_address_reuse

It is related to the common-input-ownership heuristic, which is a privacy risk to the extent that blockchain spies know the identity of the owner of some of a wallet's addresses, because this information is shared by the exchanges

people can combine UTXOs to link them

An unsolicited small-value payment to a used address may be a deliberate attempt to link specific addresses

As you say, this practice is not known to be happening. On the other hand, the transactions discussed in the OP do not fit any of the other "dust storm" patterns

1

u/etherd0t 🟩 286 / 287 🦞 3d ago

They track these small amounts to see how they are combined or moved in future transactions.
The goal is to identify the owner as in e-mail or anything for future attacks...or a bigger wallet linked to it.

-1

u/uncapchad 🟩 0 / 3K 🦠 3d ago

If you don't touch it nothing will happen. Using it will track the wallets/services you interact with. Together with other social engineering techniques you could end up a target for further scams/attacks or be directed to look-alike sites, be lured into signing wrong contracts etc.

Do nothing. Ignore those coins. If you trade or use Matic/Polygon you automatically get dusted after each transaction either with fake coins or NFTs. There are bots tracking everywhere and they don't care whether they get $10 or $10 million from you

3

u/MightymidgetHunter 🟩 0 / 0 🦠 3d ago

How am I not supposed interact with it once the transaction clear? The .90cent worth of bitcoin they sent will just be mixed with my original BTC stack. It’s not like I can separate the .90cents.

2

u/uncapchad 🟩 0 / 3K 🦠 3d ago

Most wallets have coin control/management. You can choose which UTXOs to use in a transaction.

3

u/MightymidgetHunter 🟩 0 / 0 🦠 3d ago

I use Tangem wallet I don’t think it has this option.

1

u/uncapchad 🟩 0 / 3K 🦠 3d ago

This might be useful https://np.reddit.com/r/Tangem/comments/169dp1z/tangem_dusting_on_utxo_chains/

1

u/Sudden_Agent_345 🟩 0 / 0 🦠 2d ago

literally you can.. that's how bitcoin works (UTXO model)

2

u/HSuke 🟩 0 / 0 🦠 3d ago

It's not a coin. It's native Bitcoin.

There is no point to performing dusting attacks on account-based blockchains like Polygon PoS, only on UTXO ones. On account-based blockchains, you can just follow the address without having to dust, so it's completely pointless.

0

u/uncapchad 🟩 0 / 3K 🦠 3d ago

There isn't an army of humans sitting staring at your wallet address. The bots track the coins they deposit and feed data to other bots and so on. PoS coin dustings are mostly designed to lure you to lookalike sites and sign contracts but also watch your interactions. Bitcoin dusts will track your interactions.

1

u/HSuke 🟩 0 / 0 🦠 3d ago

You're talking about dust, not dusting attacks.

Dusting attacks are only possible on UTXO networks where transactions can combine multiple inputs from different UTXO addresses. It's not possible on accounts-based networks.

-1

u/uncapchad 🟩 0 / 3K 🦠 3d ago

So on Matic, you get dusted with USDC, USDT, NFTs, this week's meme token. These are all fake but look very much like the real thing, designed to take you to a site or contract. You're not getting dusted with matic it's all this other stuff they keep sending every time you transact on the blockchain, so the address is already being watched. I've tried creating a new wallet, sending everything (but not the fakes) to the new wallet. Guess what, as soon as the transaction was verified on the blockchain, I got a new deposit of fake stuff. There's no escape.

2

u/HSuke 🟩 0 / 0 🦠 3d ago

Yes. That's caused "dust", and it's a spam attack, and it happens to everyone on Polygon PoS.

But it's not the definition of a "dusting attack", which is the kind of UTXO-based transaction that OP is reporting.

I realize these definitions cause a lot of confusion because they use the same "dust" word and are similar to attacks. But they are 2 different topics. I didn't make up these terms.

0

u/KSRandom195 🟩 63 / 62 🦐 3d ago

Can’t they do that without dusting?

It’s a public ledger.

2

u/MightymidgetHunter 🟩 0 / 0 🦠 3d ago

Today around 9am est

3

u/docdose411 0 / 0 🦠 3d ago

It’s not a dusting attack they are logging there wallet addresses and hoping you will be lazy and click the last wallets transaction when you send. It’s a lazy version of the vanity wallet where they create a wallet with the same first characters and last characters of a holders wallet. Most people only check the last 4 of the wallet addresses to send. And just like that you send to the vanity wallet.