Market Cap: 24h Vol: BTC: BTC Dom:
Gold: S&P 500: EUR/USD: Oil (BRENT):

Dusting Attack

Dusting exploits the fact that most public blockchains are transparent by design. Because every address and transaction is visible on-chain, an attacker only needs to seed thousands of wallets with dust to start building a map of which addresses might belong to the same person or organization. The attack costs almost nothing to run at scale, which is what makes it appealing to bad actors compared to more resource-intensive scams.

On Bitcoin and similar UTXO-based networks, the technique works especially well because wallets often combine multiple unspent outputs, including dust, into a single new transaction to cover a payment. Once that happens, the attacker can use clustering analysis to link the dusted output to the wallet's other inputs, effectively grouping separate addresses under one owner. On account-based chains like Ethereum, the logic shifts slightly since balances aren't UTXO-based, but the same underlying goal, correlating addresses with wallet activity, still applies.

Not every dusting campaign is malicious. Blockchain analytics firms and law enforcement sometimes use similar tracing methods during investigations, and some researchers dust addresses to test network behavior. But for individual users, the practical risk is what follows identification: attackers who successfully de-anonymize a wallet may target the owner with phishing emails, extortion attempts, or physical targeting if their wealth becomes known.

Most modern wallets let users flag suspicious incoming dust as "do not spend," preventing it from being auto-included in future transactions. Users concerned about tracing sometimes route funds through a coin mixer or hold privacy-focused assets instead.

Dusting Attack Explainer Video

What is a Dusting Attack? | Crypto Terms Explained