🌫️ Dusting Attack Dusting Attack
Someone sends a tiny, near-worthless amount of crypto (called dust) to thousands of wallets, then watches the public blockchain to link those wallets together and work out who owns them. The dust is a tracer, not a gift.
🪙 First, what is "dust"?
Dust is an amount of crypto so small most people never notice it. On Bitcoin the smallest unit is one satoshi (0.00000001 BTC), and Bitcoin Core treats any output smaller than the fee needed to spend it as dust — roughly 546 satoshis for older (non-SegWit) outputs and 294 satoshis for native SegWit. Below that, the network can reject the output as spam. Attackers often send a bit more (say 1,000 to 5,000 satoshis) so the dust survives and stays trackable. Note: exchanges also use the word "dust" for leftover tiny balances you can sweep into another coin — that meaning is harmless and unrelated.
🔍 How the attack actually works
Public blockchains record every transaction forever, in the open. A dusting attack abuses that transparency in four steps:
- 🌫️ The attacker sends micro-amounts of crypto to a large number of addresses, sometimes thousands at once.
- 👁️ They monitor the chain on a block explorer and wait, tracking exactly where that dust goes.
- 🔗 When a victim later spends and bundles the dust together with their other coins in one transaction, those addresses get linked as belonging to the same owner.
- 🪪 Combining many linked addresses, the attacker can deanonymize the person or company behind the wallet.
🪙 Think of it like a stranger slipping a marked banknote into your wallet, then following where you spend it to map all your hiding spots and habits. The dust is the marked note.
🎯 Why a beginner should care
Because the ledger is public and permanent, your privacy can quietly erode. Once a wallet is tied to a real identity, that person becomes a target for phishing, extortion, or tailored scams. Most beginners first meet dusting as unexpected tiny tokens showing up in their wallet — sometimes carrying a scam link in the transaction memo, sometimes as fake tokens or NFTs designed to bait you into clicking. Privacy-focused coins like Monero are built to resist this kind of chain tracing in the first place.
🛡️ What to do (and not do)
- 🚫 Don't spend the dust — moving it bundled with your real coins is exactly what links your addresses. Many wallets let you flag a tiny output as "do not spend."
- 🔗 Don't click links in the memo — a message like "claim your reward here" leads to a phishing site, not a gift.
- 🪙 Don't interact with mystery tokens — claiming or swapping a fake token can grant a malicious contract permission to drain your wallet.
- 🆕 Use fresh addresses — a new receiving address per transaction makes you harder to track over time.
📊 Receiving dust does not give anyone access to your money. The harm only triggers from what you do next, so ignored dust is basically just spam.
❓ FAQ
- I got a tiny coin I never bought — was my wallet hacked?
- No. Anyone can send crypto to your public address, and receiving it gives them zero access to your funds. Dust by itself cannot move or steal your coins. The risk only starts if you spend that dust or interact with a fake token that came with it.
- How does sending me dust help anyone find out who I am?
- The blockchain is public. If you later spend that dust bundled with your other coins in one transaction, those addresses get tied together as the same owner. Repeat that across many wallets and an attacker can map your activity and try to match it to a real identity.
- What should I do with dust sitting in my wallet?
- Leave it alone. Don't spend it, don't click any link in the transaction memo, and don't try to claim or swap mystery tokens. Some wallets let you flag a tiny output as "do not spend" so it never gets bundled into your real transactions. Ignored dust is basically just spam.