Dusting Attacks - Reading Assignment

[quote=“Grant_Hawkins, post:1, topic:13032”]
What is the goal of a dusting attack?
The goal of a dusting address is to identify the idendity of a a person or firm behind a public crypto address in order to conduct malicious treats to them.

If a dusting attack is successful, how is the victim at risk?
The risk is that the attacker can use his new acquired knowledge of the user to create an ad hoc phishing threat or even an extortion technique.

Do dusting attacks work for type-1 HD wallets, type-2, or both?
Deterministic wallet can protect from dusting attack changing the receiving address after every transaction
What features did Samourai Wallet add to protect against dusting attacks?
Samourai Wallet sends an alert to their users on suspicious or dust transactions, they also implemented a “do not spend” feature to allow users to mark those suspicious funds and prevent them from using them.

1. What is the goal of a dusting attack?
   Deanonymize the owner of the wallet.
2. If a dusting attack is successful, how is the victim at risk?
   Their identity will be know. If they have large amounts of BTC they could become targets of bad people.
3. Do dusting attacks work for type-1 HD wallets, type-2, or both?
   Both
4. What features did Samourai Wallet add to protect against dusting attacks?
   They added a real time alert for dust tracking and a DO Not Spend feature

1. What is the goal of a dusting attack?
2. If a dusting attack is successful, how is the victim at risk?
3. Do dusting attacks work for type-1 HD wallets, type-2, or both?
4. What features did Samourai Wallet add to protect against dusting attacks?

1- To identify the person or firm behind the Public Address.

2- It makes them susceptible to cyber or even physical attacks or threats.

3- It works for Type 1 wallets.

4- They gave the alert and implemented a Don’t spend warning.

It works on both.

Hello, I thought that, given that Type 2 generates new public keys for each transaction, this strategy will not work. But as I type, i guess the thing is you bite the hook when you spend the dust, right?
Thanks for the help!

Both type 1 and type 2 generate a new addresses, the difference that with type 2 you can separately store the master key and generate new addresses from a public key, which is useful for services like e-commerce where you can deploy a public key on the site that generates new addresses without the master key.
So yes dusting attack links the addresses that are spend together in a tx therefore it does not matter how the addresses were derived.

1. The goal of a dusting attack is to identify the owner of a wallet by linking the small amount of crypto dust to multiple transactions.
2. The victim may then be the target of sophisticated phishing attacks, cyber extortion, and even physical attacks.
3. Yes. I believe it works for both?
4. They added a feature warning the owner of the wallet that dust has been sent to them. The wallet then gives you the option of flagging the dust as “do not spend”.

Dusting Attacks - Reading

1. The goal of a dusting attack is to link the dusted addresses to their respective owners wallet, ie individuals and companies.

2. A successful dusting attack on an individual could risk an elaborate phishing attacks or cyber - extortion threats by the attackers.

3. Dusting attack could happen for both Type1 and Type 2 wallets depending on how the owner use their wallet. It is up to the individual to take the necessary precautions to safeguard against an attack.

4. The features that Samurai add to its wallet are a real-time alert for dust tracking as well as “Do Not Spend” feature that lets users mark suspicious funds, so they are not included in future transaction.

1. What is the goal of a dusting attack? to de-anonmize an address by connecting an outbound transaction to multiple inward UTXOs and revealing the identity of the owner of the wallet.

2. If a dusting attack is successful, how is the victim at risk? If they work out your IP address, you can then be the victim of a phishing attempt or direct extortion.

3. Do dusting attacks work for type-1 HD wallets, type-2, or both? Both.

4. What features did Samourai Wallet add to protect against dusting attacks? Real time alerts for tracking dust, marking dust with a “do not spend” tag so you don’t use it so it cant be traced, and a dust limit of 546 satoshis.

1. Dusting attacks are performed to track the movement of bitcoins from one address to another. It is an attempt to deanonymize the identity of the owner of a wallet. This attack is conducted by sending a small amount of Bitcoin (between one and few thousand satoshis) to a wallet address and can be tracked as transactions are created from that address.

2. If a dusting attack is successfully conducted by criminals, the victim is at the risk of phishing attacks, cyber-extortion threats, or being ransomed.

3. Both type-1 and type-2 wallets are susceptible to dusting attacks because the old public addresses that contain the dust can be linked to the new key pairs.

4. Samourai wallets implement a real-time alert and a “Do Not Spend” feature that notifies the user about suspicious funds (Bitcoin dust) so that they are excluded in future transactions.

1. A very small amount of cryptocurrency is sent to many addresses, when that currency gets spent then the hackers trace all the public keys to see if any were spent by the same wallet. Once they are able to determine a wallet and are able to get information on who it might be then they can launch a directed attack.

2. The victim can become the target of phishing attacks, extortion or more in-depth scams such as sim swaps.

3. Yes it will work on both types of wallets but there are steps the user can take to limit exposure. Monitor balance for dusting and do not spend any dust, use only one time receiving and sending addresses so its harder to track.

4. They added a do not spend feature which can automatically track small dust amounts. Hackers have found a way around this by sending more satoshi’s, but users can manually add do not spend to any UTXOs.

1. What is the goal of a dusting attack?
   To send small amounts of a cryptocurrency to multiple users so that the attacker can track and deanonymize the user.
2. If a dusting attack is successful, how is the victim at risk?
   They might find enough information to launch a phishing attack and steal their private keys, cryptojack or hold them to ransom.
3. Do dusting attacks work for type-1 HD wallets, type-2, or both?
   No, because transactions will include the dust therefore be trackable
4. What features did Samourai Wallet add to protect against dusting attacks?
   Alerts to suspected dust attacks as well as a do not spend feature.

1.)The goal of a dusting attack is to deanonymize a user.

2.)If a Dusting attack is successful the victim would be open to elaborate phishing scams and ransomeware attacks.

3.)While dusting may occur for type-1 and type-2 wallets, the attack itself is less of a possibility since the address is changed with every transaction.

4.)Samouri wallet took the leap of identifying possible dust between transactions and can even make you aware of it so that you can label and set it aside as to not spend it.

1. The goal is to determine the identity of a Bitcoin user.
2. The victim is at risk because it can be the target of further attacks.
3. No, because a new key is generated for each new transaction.
4. The Samourai Wallet detected suspicious ‘small’ bitcoin amounts, and prevented the user from spending these money so that the money will not leave traces.

It works on both because it links the addresses once the outputs are being spent.

1. The goal of a dusting attack is to deanonymize the wallet receiving the dust.

2. Once the owner of the dusted wallet is known, phising attacks, ransonware and other various cyber attacks can be employed to try and part the owner and their coins.

3. Both type-1 and type-2 wallets are affectedby dusting attacks.

4. Samourai Wallet added the “Do Not Spend” feature, to allow users to not spend any malicious/unknown transactions. This is because the best thing you can do to protect yourself against dusting attacks is to not spend the dust. If you don’t spend the dust, then there’s nothing for malicious individuals to analyze/deanonymize.

1. The goal of a dusting attack is to link multiple accounts to one person so that the attacker may target them through various personal scams such as phising or ransomware.

2. The victim will be at risk if the dusting attack is successful because the victim can and will most likely be target at a personal level by the attacker that can scare the victim into giving their coins away.

3. No, because the dusted funds sent to your wallet will still be traceable once you use them in another transaction.

4. The Samurai Wallet team implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that let users mark suspicious funds, so these are not included in future transactions.

1. What is the goal of a dusting attack?
   identify a person or company behind each wallet.

2. If a dusting attack is successful, how is the victim at risk?
   They would be able to track where the dust was spent and try to work backwords to identify the wallet holder.

3. Do dusting attacks work for type-1 HD wallets, type-2, or both?
   Both

4. What features did Samourai Wallet add to protect against dusting attacks?
   Identify suspicious funds and mark them as such with a “Do Not Spend” feature so those suspicious funds are not included in future tx.

1. to expose users identity
2. all their tx can be followed
3. no, but some like Samurai try to identify dust tx and you can choose to mark funds to never send
4. same as above.

Dusting attack actually works on both wallet types.