This is for those interested in this matter, or for people holding a lot of crypto who value their privacy and security.
I describe how you can be targeted through a dusting attack in three scenarios:
- Criminals already have your personal data
- You end up owning stolen funds
- You are targeted with a phishing attack
I am under the impression that most people and even reputable crypto websites don't get it right on how dusting attacks really can hurt you from a practical standpoint, and don't get to describe a real-life attack vector.
Everyone agrees that dusting attacks can be dangerous for crypto owners, but it is hard to understand exactly how they can affect you. It is even worse because the victims apparently never really become aware of how they were targeted. There are not many stories of people stating that "I was stolen through a dusting attack", and those who are aware of dusting attacks never really suffered any apparent negative consequence from them, giving the impression that it is a fake risk.
Most informational articles you find about dusting (like this, this or this) agree that supposedly cybercriminals send tiny amounts of crypto to random wallet addresses to be able to track their owners and infer their personal data and the volume of their crypto holdings, but when the time comes to specify the details of how those attacks actually work, the dissertation ends just there with a generic remark like "the owner can be deanonymized when he transfers funds to an exchange". I find this simply stupid, as the criminals already have all the blockchain public data at their disposal, and I don't see how sending BTC to random unknown addresses could give them more information than they already have at their disposal. If they want to track random addresses they don't need to inject any additional funds into them, and that will in fact be counterproductive as they are alerting their targets that someone is trying to track them.
These are the mechanisms I'm aware of that can justify a genuine dusting attack, which after all can be very expensive to execute in a blockchain such as Bitcoin:
The first mechanism is the dangerous one, "THEY ALREADY KNOW WHO YOU ARE", and the criminals are just evaluating if you are a worthy target for extortion or assault. Say that a criminal gang has access to the database of transactions of some legitimate or illegitimate business you have transacted with in the past. Legitimate can be any "we accept btc" online shop that is hacked by the gang, a public address you posted in an online forum, or a peer-to-peer transaction you made on localbitcoins.com. Illegitimate could be any of such databases sold on the Darknet, or that shady Silk-Road-like shop where you bought a joint ages ago. They may have your physical address and/or personal details linked to an old BTC public address where you no longer keep funds. With that information they can inject some fresh funds into that address in the hope that your wallet combines that dust into a new transaction without you realizing, linking it in the process with your current wallet addresses. They can do this in parallel with hundreds or thousands of other customers from their stolen databases, until they hit bingo and link one known address with a wallet full of fresh tasty BTC. Then they can switch to legacy technologies and hit you with a $5 wrench attack, or extort you with the information they have about you. Remember that THEY HAVE YOUR ADDRESS, or at least they have the means to get it, and they can track you in real life.
The second mechanism by which a gang can benefit from a dusting attack is less dangerous. The gang has stolen funds that they want to launder. They divide them into countless transactions, sending some of them to random legitimate wallets with active funds. Cost here is not an issue because they are stolen funds after all. They can spread some money to legitimate addresses and the rest to addresses under their control. The victim pays all the expenses. This is in a way like a bank robber throwing money out of the car to make the crowd block the police cars that are chasing them. Now tracking them is almost impossible for the authorities because the funds are spread into countless wallets of innocent people who will include them in their future transactions after posting on Reddit something like "LOL someone sent me $100 in BTC by mistake".
Another secondary way a dusting attack can work in some blockchains, not really in BTC, is as a way of spreading phishing attacks, attaching messages or links to the transferred funds to entice recipients to go to the referred address to receive more, as some wallets support this kind of in-chain communication. This is a very low-tech attack, and not a bigger concern than regular email phishing or any other traditional mechanism to spread spam. The only benefit for the attackers is that they already know the target has a certain level of funds available. I'm not totally sure if this can even qualify as a genuine "dusting attack".
As for good methods to protect yourself against dusting attacks, some possible defensive actions are:
- Change your hot wallet keys periodically, transferring all the funds to the new keys and abandoning the old ones. Do that preferably through mixers, exchanges or any other method where nobody can link the two wallets in the future. That way the old addresses from the old keys won't inject funds automatically into your new wallet if the old keys are dust-attacked.
- NEVER transact directly from a cold wallet to a merchant that knows your real identity, legitimate or not. Even legitimate merchants can be hacked in the future.
- Try to use a low-funded hot wallet for purchases where you have to provide personal information. That way if a gang succeeds in tracking you, you won't look like an attractive target if your wallet holds very few funds.
- Try not to fill that kind of hot wallet directly from a huge cold wallet where you have tons of crypto. You can do it indirectly through an exchange, mixer or any other similar method that hides the real origin of funds.
- Use wallets that provide protection against dusting attacks, and never spend dust even if it is a temptingly big amount.
- The same applies to coins that are "fallen from the sky". Those are probably stolen funds, and in most if not all countries receiving stolen property is a crime.
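
To make the linking risk and the "never spend dust" rule concrete, here is an added example (not part of the original post, and not any real wallet's code). It compares which addresses end up funding the same transaction when unsolicited outputs are spent versus when they are frozen. The `Utxo` fields, the `expected` flag, the smallest-first selector and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Utxo:
    txid: str        # constructed placeholder ids, not real transactions
    address: str     # wallet address that received the output
    sats: int
    expected: bool   # True only if the owner recognises this payment

def split_unsolicited(utxos):
    """Return (spendable, frozen); unexpected outputs are frozen whatever their size."""
    spendable = [u for u in utxos if u.expected]
    frozen = [u for u in utxos if not u.expected]
    return spendable, frozen

def select_inputs(utxos, target_sats):
    """Simplified smallest-first coin selection (an assumption for this example)."""
    chosen, total = [], 0
    for u in sorted(utxos, key=lambda u: u.sats):
        if total >= target_sats:
            break
        chosen.append(u)
        total += u.sats
    if total < target_sats:
        raise ValueError("insufficient spendable funds")
    return chosen

def linked_addresses(inputs):
    """Addresses an observer can group because they fund one transaction."""
    return {u.address for u in inputs}

# Constructed sample wallet: one old address that received dust, one surprise
# "gift", and two payments the owner recognises.
WALLET = [
    Utxo("tx_dust", "addr_old_leaked", 600, expected=False),
    Utxo("tx_gift", "addr_current_1", 10_000_000, expected=False),
    Utxo("tx_pay1", "addr_current_1", 30_000_000, expected=True),
    Utxo("tx_pay2", "addr_current_2", 50_000_000, expected=True),
]

def compare(target_sats=40_000_000):
    naive = linked_addresses(select_inputs(WALLET, target_sats))
    spendable, frozen = split_unsolicited(WALLET)
    guarded = linked_addresses(select_inputs(spendable, target_sats))
    return naive, guarded, [u.txid for u in frozen]

if __name__ == "__main__":
    print(compare())
```

In the naive spend the old, leaked address appears alongside a current one; with unsolicited outputs frozen, it never shares a transaction with current funds.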
Consider those actions if you hold a lot of crypto and you transact frequently with it in services where you have to provide personal identification. You may think that you are not a worthy target now but wait till BTC hits a $500K price...
In conclusion, dusting attacks are dangerous when you aren't really aware of them and you have transacted in the past with shady individuals or legitimate businesses whose databases have been hacked or leaked. You are attractive to an attacker if you hold a big stash of crypto in any wallet that can be linked to the attacked wallet. You are more exposed if you transfer funds directly between your cold and hot wallets because they will be easily linked. Possible protection tactics are changing keys periodically and breaking the links between your wallets in the blockchain.