The goal of dusting attack is to collect the dust eventually in a wallet and identify the identity and potentially blackmail them.
Above
Some are tryong by capturing those little dust transactions
The goal of dusting attack is to collect the dust eventually in a wallet and identify the identity and potentially blackmail them.
Above
Some are tryong by capturing those little dust transactions
What is the goal of a dusting attack?
Break the privacy of bitcoin and cryptocurrency users.
If a dusting attack is successful, how is the victim at risk?
Can use the attak to elaborate phishing attacks or cyber-extortion threats to the user.
Do deterministic wallets protect against dusting attacks?
No
What features did Samourai Wallet add to protect against dusting attacks?
The Samourai Wallet team implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that let users mark suspicious funds, so these are not included in future transactions.
Ah, true, also in EOS it doesn’t make sense a dusting attack I guess, as it’s so easy to just track the address and see all transactions coming and and going out, just as you could do on Ethereum.
So this seems more a spam attack, like when your e-mail is exposed in some website and someday some crawlers picks it up and it ends in the hand of spammers…
In EOS it’s really annoying, they know my address and continue to send spam news… it’s like e-mail in the first days, without spam filters…
What is the goal of a dusting attack?
The goal is to find out which public addresses belong to the same wallet, making it easier to deanonmyze the user.
If a dusting attack is successful, how is the victim at risk?
phishing or extortion attacks
Do deterministic wallets protect against dusting attacks?
no, dusting attacks can potentially link different public addresses.
What features did Samourai Wallet add to protect against dusting attacks?
the wallet alerts the users of suspicious dusting funds, and the user can mark them not to be used in future transactions.
Hey @Grant_Hawkins , what about if you send the dust funds on the exchange. Probably the track is lost there?
What is the goal of a dusting attack?
Link addresses and wallets to a specific user or company. Deanonymize the blockchain.
If a dusting attack is successful, how is the victim at risk?
The victim may be a target for phishing attacks or even extortion practices.
Do deterministic wallets protect against dusting attacks?
If you spend your “dusting” funds it will not protect you against this attacks.
What features did Samourai Wallet add to protect against dusting attacks?
A realtime alert for dusting attacks and a Do Not Spend feature for suspicious funds.
I have many different Bitcoin addresses: some to accept donations on Github, some for my darknet store. All of my accounts come from the same seed. Let’s imagine my darknet store’s address gets dusted.
Now I want to deposit my Github donations to an exchange to pay my rent. My wallet, with the master private key, might deposit the dust UTXO into the exchange too. Now whoever dusted the darknet account can see that it’s in a transaction with a UTXO from my Github page. Busted!
Hei, thank you for the reply but I have problem with understanding it.
What means All of my accounts come from the same seed?
Do you have both addresses (Github and darknet store) generated in same wallet, or two different wallets (lets say 2 ledger nano S Ledgers).
Could 2 different addresses in same wallet be somehow conected together prior of making any transactions?
Thank you
BR
1- Break the privacy of bitcoin and cryptocurrency.
2- The transactional activity of these wallets is then tracked down by the attackers, who perform a combined analysis of several addresses as an attempt to identify the person or company behind each wallet. If successful, the attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats.
3- In deterministic wallets, a brand new Bitcoin address is created for every new receiving transaction or payment request as a way to preserve users privacy. But if dusting funds are moved attackers are still able to trace them.
4- They implemented a real-time alert for dust tracking as well as a “Do Not Spend” feature that let users mark suspicious funds, so these are not included in future transactions. If a dust fund is not moved, attackers are not able to make the connections they need to “de-anonymize” the wallets.
1. What is the goal of a dusting attack?
The goal of a dusting attack is to deanonymize crypto holders by linking multiple addresses to one wallet.
2. If a dusting attack is successful, how is the victim at risk?
The victim is at risk for coercion because the attacker linked their crypto addresses to their wallet and ultimately to the individual.
3. Do deterministic wallets protect against dusting attacks?
Deterministic wallets do not protect users against dusting attacks. Regardless of how addresses are created, the goal of a dusting attack is to link multiple addresses.
4. What features did Samourai Wallet add to protect against dusting attacks?
Samourai Wallet added a “Do Not Spend” feature to their wallet as well as a real-time alert for dust tracking.
1. What is the goal of a dusting attack?
To figure out who is behind the address. (de-anonymize the user)
2. If a dusting attack is successful, how is the victim at risk?
Their real identity is uncoverd which can be used for phishing attempts and blackmail (scams) or really anything else that has to do with ur identity.
3. Do deterministic wallets protect against dusting attacks?
No, since the dusting transactions can be sent to any address, does not really matter which address it uses as long as it’s an address that sends the transactions further (with the “dust” on it)
4. What features did Samourai Wallet add to protect against dusting attacks?
A wallet where you can prohibit certain inputs to be used. So if u see that you have recived a very small sum on bitcoin u can prohibit the wallet from using it.
1- Deanonymize users of wallets by linking transactions together from the public ledger.
2- The victim is usually a target of a Phishing attack or cyber extorsion… it could also be a subject of an investigation run by authorities.
3- i understand they do when funds are being moved between a personal wallet and an exchange in which you were submitted to KYC. Because you Identity info is recorded in the exchange server, and that makes it easier for attackers to know who are if they see frequent transactions between the exchange and the same address.
4- The Do not spend feature
and a real time tracker of dust transactions.
Not prior to making any transactions. It’s a good point.
They could only be connected if UTXOs from both addresses are used as inputs to the same transaction, or linked through chain analysis.
The goal is to be able to analyze transactions and unmask the identity of wallet owners.
Attackers can use knowledge of a user’s wallet addresses to engage in phishing attacks or extortion.
Somewhat, as new addresses are used for each transaction.
Samourai implemented an alert system to report potential dusting transactions. They also enabled a ‘do not spend’ feature, so that you can earmark potential dusting transactions to stay in your wallet. If these UTXO’s are not respent, it isn’t possible for attachers to analyze your transactions and determine common ownership of addresses.