Security & Privacy

Dust Attack

Sending tiny amounts of crypto to wallets to track their transactions and de-anonymize addresses through chain analysis.

Dust Attack — A dust attack is a blockchain surveillance technique where an attacker sends tiny amounts of cryptocurrency (dust) to a large number of wallet addresses in order to track and de-anonymize the recipients by analyzing their subsequent transaction patterns and address clustering.

How It Works

In a dust attack, the attacker distributes minuscule amounts of cryptocurrency — often fractions of a cent — to thousands or millions of wallet addresses. The term "dust" refers to amounts so small they are below the practical spending threshold. On Bitcoin, dust is typically under 546 satoshis; on Ethereum, it might be a fraction of a token worth less than a cent.

The attack exploits the transparent nature of blockchain transactions. When a recipient unknowingly includes the dust in a future transaction — for example, when their wallet combines multiple inputs to make a payment — the attacker can analyze the transaction graph to link previously unrelated addresses. This process, called address clustering, can reveal which addresses belong to the same person or entity.

Advanced dust attacks may use tokens instead of native cryptocurrency, sometimes airdropping worthless tokens with names designed to lure victims into visiting phishing websites ("visit [scam-site] to claim rewards"). These token-based dust attacks serve a dual purpose: surveillance and phishing.

Why It Matters

While dust attacks do not directly steal funds, they compromise financial privacy on public blockchains. By de-anonymizing wallet owners, attackers can build profiles for targeted phishing attacks, assess net worth for extortion, or sell the intelligence to data brokers. In extreme cases, linking a high-value wallet to a real identity could make the owner a target for physical threats.

Protection strategies include using wallets that flag and isolate dust UTXOs (Bitcoin), never interacting with unknown airdropped tokens (EVM chains), using privacy-focused transaction methods, and maintaining separate wallets for different purposes so that dust sent to one address cannot be linked to your other holdings.

Real-World Example

An attacker sends 0.00000546 BTC (about $0.003) to 50,000 Bitcoin addresses. Over the following weeks, many recipients' wallets automatically include this dust as an input when they make normal Bitcoin transactions. The attacker's blockchain analytics software tracks these transactions, linking multiple addresses to the same wallet. They identify a cluster of addresses holding 500 BTC and attempt to correlate the cluster with exchange deposit addresses to identify the owner's real-world identity.

Related Terms

Blockchain & Crypto Fundamentals

Private Key

A secret cryptographic string that grants full control over a wallet's funds; losing it means losing the wallet permanently.

Read definition Blockchain & Crypto Fundamentals

Seed Phrase (Mnemonic)

A 12- or 24-word human-readable backup of a wallet's private key, used to restore access to a wallet on any device.

Read definition Security & Privacy

Phishing (Crypto)

A social engineering attack where scammers impersonate legitimate projects or exchanges to steal wallet credentials or seed phrases.

Read definition DeFi & AMM

Smart Contract

Self-executing code stored on a blockchain that automatically enforces the terms of an agreement without intermediaries.

Read definition

Frequently Asked Questions

Common questions about Dust Attack in cryptocurrency and DeFi.

Can a dust attack steal my cryptocurrency?

A traditional dust attack cannot steal your funds — it is a surveillance and de-anonymization technique. However, dust attacks using airdropped tokens may include phishing elements (fake token names with scam URLs) designed to lure you into visiting malicious websites. Never interact with unknown tokens that appear in your wallet.

How do I know if I received a dust attack?

Check for tiny, unsolicited incoming transactions from unknown addresses. On EVM chains, look for random tokens you never purchased appearing in your wallet. Many wallets and block explorers flag dust transactions. If you see small amounts from unknown sources, do not interact with them — simply ignore them.

Should I send dust back or try to swap unknown tokens?

Never interact with dust or unknown tokens. Sending dust back reveals that the address is actively monitored and can link your addresses through the transaction. Trying to swap unknown tokens may trigger malicious smart contract functions. The safest response is to completely ignore any unsolicited dust or token airdrops.

Ready to put your knowledge into practice?

Start Boosting