Cryptocurrency exchange Binance today reported that hackers are attempting to break the privacy of Litecoin users.
The Malta-based trading platform stated that some malicious entities launched a so-called dusting attack on Litecoin wallets. They sent tiny quantities of LTC units, or dust, to victims’ addresses. The amounts are so small that many of the recipients do not even notice them. And if they accidentally send the same “dust” alongside their own money to other addresses, they unintentionally expose their true identities to the hackers.
One of many transactions: https://t.co/zgk9gPRNcU
Here’s what you need to know and how to protect yourself:https://t.co/KNVoQLwBUb
— Binance (@binance) August 10, 2019
How Dusting Attack Works?
The open-nature of public blockchains allow onlookers to see a trail of transactions from one wallet to another. Nevertheless, those spectators cannot immediately know the people involved in the money flow. It is because they hide behind a cryptographic code. So someone by the name of, say, Anthony Pompliano, can go anonymous as 1Nuxkyuuetgd8687bxgfsgk.
Hackers, which may be law enforcement agencies, attempt to break the alphanumeric code to realize who is behind it. Dusting attack somewhat assists them. A minor, unnoticeable transaction gets spend by the target, which opens a new trail of research-worthy transactions.
“The goal,” says Binance, “is to eventually be able to link the dusted addresses and wallets to their respective companies or individuals. If successful, the attackers may use this knowledge against their targets, either through elaborated phishing attacks or cyber-extortion threats.”
Bitcoin, the world’s first and foremost public blockchain, came under a similar attack in late October 2018. Developers of the Bitcoin’s Samourai Wallet announced that some of their users were at risk of losing their anonymous shields. The service later introduced a real-time alert for dust tracks, including a “Do Not Spend” feature that alarmed users when they were going to use the dust funds. Binance explains:
“Since dusting attacks rely on a combined analysis of multiple addresses if a dust fund is not moved, attackers are not able to make the connections they need to “de-anonymize” the wallets. Samourai Wallet already can report suspicious transactions to their users automatically. Despite the dust limit of 546 satoshis, many dusting attacks today are well above it and are usually ranging from 1000 to 5000 satoshis.”
Dusting attack does not steal funds from users.