Bitcoin Dusting Attacks Threaten Anonymity of Several Wallets

Nuno Teodoro

Bitcoin wallet service  Samourai Wallet has recently warned its users that they may be targets of a dusting attack.

The announcement was made on the company’s Twitter earlier today.


The Samourai team consider themselves to be privacy activists, and deeply committed to maintaining transactional privacy while striving to create the most private bitcoin wallet.

Dusting Attacks

A dusting attack involves a malicious agent sending a small number of satoshis to multiple addresses. The amount sent is so insignificant that it started being referred to as dust, hence “dusting” attack.

When the wallets that receive “dust” make the further transactions, the attackers are able to observe the movement of the funds on the blockchain. By combining transactional data from a wide range of addresses, they are able to link multiple addresses with each other. Doing so makes it possible to identify certain addresses as belonging to a certain person or company.

To mitigate the problem and maintain the anonymity of its users, Samourai Wallet recommends wallet owners activate the coin control feature. This allows users to control how they spend their bitcoins when making a transaction, essentially giving them the opportunity to choose what addresses will be the ones sending the bitcoins and which of the bitcoins you have received will be used.

It is important to note that anyone can be targeted. If you have a bitcoin wallet that has receive a very small number of bitcoin, it is possible that your anonymity might also be in jeopardy.

Financial Privacy and Bitcoin Anonymity

As we progress in the digital age, keeping our personal and financial information anonymous will be of greater value and importance, as it is possible to determine a lot about someone knowing their wealth and spending habits. The problem is that every credit card purchase you make can be monitored by governments. and mobile payment apps like Venmo have recently been shown to publicly reveal all user transactions by default.

Bitcoin granted us the liberty to transact with each other without the need of third party involvement. However, due to its pseudonymous nature, it does not allow full financial privacy as transactions can be traced and linked to individuals or companies through chain analysis techniques. A study from Princeton University has already proved this point,  while BitFury claims to have been able to de-anonymize over 15% of the Bitcoin network.

Hacked Exchange Cryptopia Enables Trading in 40 Different Currency Pairs

New Zealand-based digital asset exchange, Cryptopia has reportedly resumed trading on its exchange as it is now allowing 40 different trading pairs. This, after Cryptopia recently experienced from several different security breaches.

Support For Bitcoin, Litecoin, Dogecoin Pairs Added

Cryptopia’s management announced (via Twitter on March 18th) that it is planning to expand its list of coins which will again be supported on its trading platform. As noted on Cryptopia’s official support website, the exchange has enabled several different trading pairs (as of March 19th, 2019) with major cryptocurrencies. These include bitcoin (BTC), litecoin (LTC), and dogecoin (DOGE).

In response to Cryptopia’s announcement, Twitter user @dgb-chilling, a supporter of DigiByte (DGB), a cryptocurrency that uses five different mining algorithms, said that he had emailed the exchange’s support team to inform them regarding the coin’s latest update (version 6.17.2). He added that “an upgrade was recommended but not mandatory.”

Meanwhile, Chuck Norris (@CryptoTweet6) remarked: 

Now this is good news! Let’s hope the rest of the coins will be released for trading swiftly.

Other users also considered it “good news” that the compromised cryptoasset exchange was gradually resuming its operations. However, one social media user asked when Cryptopia would start enabling deposits while another inquired about why his ARK coins were still not recoverable from the trading platform. He claimed that he had deposited 1,000 ARK, currently valued at around $628, (a popular proof-of-stake based coin) on Cryptopia. The user also complained that his coins were missing “missing because [the exchange] did not update the ARK wallet."

Tens Of Millions Of Dollars Stolen In Hack

On February 27th, 2019, Cryptopia’s management announced that it was “assessing the impact incurred as a result of the hack” which led to the theft of tens of millions of dollars in cryptocurrency. Last month, Cryptopia’s support team had also estimated that the total loss incurred due to the security breaches was of around 10% of its total holdings (in the worst-case scenario).

Notably, the exchange’s official Twitter account had been silent for several weeks (since Feburary 14th). However, it released several announcements, starting in late February, in which it revealed that its staff members were working on securing each customer’s account individually. Cryptopia’s management also noted that it was taking the appropriate measures to ensure that its trading platform is secure when it is officially back online.