Dusting Attacks - Reading Assignment

What is the goal of a dusting attack?

The goal is to link transactions and to deanonymize the person or company behind each wallet.

If a dusting attack is successful, how is the victim at risk?

A victim can be linked to transacations and other parties putting them at risk of data breaches and being targeted by criminal agents.

Do dusting attacks work for type-1 HD wallets, type-2, or both?

Both

What features did Samourai Wallet add to protect against dusting attacks?

By implementing a real-time alert for dust tracking and incorporating a “Do Not Spend” feature

1. It is to try and identify the company or person behind the wallet

2. becomes venerable to cyber/phishing attacks

3. No dusting attest can link different public address

4. they alert you to dusting tracking and allow you to lock UTXOs from being spent

1. To identify the person or company behind each wallet.

2. The attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threat

3. changing addresses makes it harder to track activity.

4. Samurai Wallet implemented both the “Do Not Spend” feature as well as a “dusting alert” to notify users of possible attacks.

1. To determine which addresses are connected to what wallets and who owns the wallet.

2. If successful a victim could be subject to extortion and phishing attacks.

3. It could happen on both but would be harder for the attack to work on type-2.

4. They added a "Do Not Spend " feature to suspicious funds so that those funds won’t be spent and thus the attack would be neutralized.

1. The goal of a dusting attack is to identify the wallet user/company identity by figuring out which public keys are associated with which particular wallet,

2. The victim can be susceptible to cyber extortion threats or phishing attacks.

3. Dusting attacks work for on both type-1 and type-2 wallets but type-2 would be harder since there are more public keys involved.

4. The samourai wallet has a real-time alert for dust attacks and a feature that does not spend funds that are marked as suspicious (the dust portion received).

1. What is the goal of a dusting attack?

The goal is to eventually link the dusted addresses and wallets to their respective companies or individuals.

2. If a dusting attack is successful, how is the victim at risk?

The attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats.

3. Do dusting attacks work for type-1 HD wallets, type-2, or both?

Only type 1 HD addresses.

4. What features did Samourai Wallet add to protect against dusting attacks?

“Do not spend”, to avoid those suspicious funds to be included in future transactions as UTXOs.

They work on both.

1. The goal of a dusting attack is to break the privacy of cryptocurrency users, including users of Bitcoin by sending tiny, itty-bitty amounts of crypto to their wallets known as dust. Like the dust that settles on furniture, Bitcoin dust is rarely noticed by anyone.

2. If a dusting attack is successful, the victim’s personal information, including his/her name, is exposed. The attacker can then use the information to perform phishing or other cyber-extortion threats.

3. Dusting attacks do not work for type-1 or type-2 HD wallets.

4. To protect against dusting attacks, Samourai Wallet added added a “Do not spend” feature that “lets users mark suspicious funds, so these are not included in future transactions.”

Source: https://academy.binance.com/en/articles/what-is-a-dusting-attack

1. It’s goal is to deanonymise the person or company behind each wallet.

2. The attackers may use their knowledge against their target, for example phishing attacks and cyber-extortion threats.

3. No, because when a user spends funds there’s usually no way to prevent dusting.

4. A real-time alert for dust tracking and a “Do Not Spend” feature that is marked as suspicious funds and will not be included in future transactions.

1. To track the transactions of a wallet and eventually identify the person.
2. Once the hacker identifies you, he tries to perform phishing attacks or gives you Cyber Extortion threats.

1. The goal of a dusting attack is to break the privacy of Bitcoin and cryptocurrency users by sending tiny amounts of coins to their wallets. The transactional activity of these wallets is then tracked down by the attackers, who perform a combined analysis of different addresses to deanonymize the person or company behind each wallet.

2. If attackers are successful at linking the dusted addresses and wallets to their respective companies or individuals they may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats.

3. Dusting attacks work for both if we move the dust.
   Since dusting attacks rely on a combined analysis of multiple addresses, if a dust fund is not moved, attackers aren’t able to make the connections they need to “deanonymize” the wallets.

4. The Samourai Wallet team implemented:

• a real-time alert for dust tracking and
• a “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions.

1. What is the goal of a dusting attack?
   The goal is to eventually link the dusted addresses and wallets to their respective companies or individuals.
2. If a dusting attack is successful, how is the victim at risk?
   Victim can get phishing attacks or cyber-extortion threats.
3. Do dusting attacks work for type-1 HD wallets, type-2, or both?
   Yes for both. To protect you should never use dusted funds in futures transactions.
4. What features did Samourai Wallet add to protect against dusting attacks?
   “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions.

1. by identifiying your id and wallets by waiting for those small amounts of cryptocurrencies that send to your wallet to be moved around
2. By the attacker knowing your balances, transactions that leave a spending patern so the victim can be blacklisted, randsomeware, etc.
3. No because if the dust is moved it can be tracked
4. Real-time alert for dust tracking as well as a “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions

1)A dusting attack refers to a relatively new kind of malicious activity where hackers and scammers try and break the privacy of Bitcoin and cryptocurrency users by sending tiny amounts of coins to their wallets.
2)The person or company that owns the wallet would lose their anonymity and the attackers could use this knowledge against them either through elaborate phishing attacks or cyber extortion threats.
3) Both, That is way we must have security measures that may include a VPN along with a trustworthy antivirus in all of your devices, encrypting ours wallets, and storing ours keys inside encrypted folders.
4) The Samourai Wallet team implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions.

1.) Deanonimize the user and use information against victim
2.) phishing, cyber extortion
3.) work on both
4.) real-time alert, do not spend feature

1. What is the goal of a dusting attack?

The goal is to eventually link the dusted addresses and wallets to their respective companies or individuals.

2. If a dusting attack is successful, how is the victim at risk?

The attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats.

3. Do dusting attacks work for type-1 HD wallets, type-2, or both?

Dusting attacks works on both types.

4. What features did Samourai Wallet add to protect against dusting attacks?

The Samourai Wallet team implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions.

1. A dusting attack serves to deanonymize the person or company behind each wallet.
2. The attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats to reveal user identity o
3. Both types as transactions will still lead to one wallet
4. The Samourai Wallet team implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that lets users mark suspicious funds, so these are not included in future transactions.

1. The goal is for the attackers to gain analytical data for deanonymize the wallet owner, and then target the wallet owner for further attack.

2. The victim potentially would be victim of phishing attacks or other cyber-extortion threats.

3. Both

4.A real-time alert was implemented for dust tracking, and “Do Not Spend” feature that lets users to mark suspicious funds so the suspicious funds are not included in future transactions.

1. To identify the owner of one or more addresses.

2. They may become the target of fishing attacks or cyber-extortion.

3. Both.

4. Real time alerts, as well as a “Do Not Spend” feature that allows users to mark suspicious funds so they are not used in future transactions.

1. The goal is to de-anonymise blockchain users
   (however, neither the article nor the video explain EXACTLY HOW the dust makes it any more able to de-anon a user over just doing normal block-chain analytics!!! like how does it actually give them more info than just regular linking of addresses)
2. A link to real world identity, i.e. loss of anonymity
3. Assume Both?
4. Warning of dust transactions and ability to mark them not to be spent.