Understanding Litecoin’s Dusting Attack: What Happened and Why

On Aug. 10, the Binance and Litecoin (LTC) community came to life as news of a potential “dusting attack” was announced through the official Binance Twitter account. In the tweet, the team explained that around 50 Binance Litecoin addresses received a fractional amount (0.00000546) of Litecoin, which the exchange’s security team identified as a part of large-scale dusting attack. 

Related: Litecoin Halving Aftermath: LTC Price, Hash Rate, Community Reaction

James Jager, project lead at Binance Academy and the person who first identified the attack, discussed the event with Cointelegraph:

“It was network-wide, which meant it affected all users of litecoin that had an active litecoin address at the time. The address of the person responsible for the dusting attack can be found here: https://blockchair.com/litecoin/address/LeEMCDHmvDb2MjhVHGphYmoGeGFvdTuk2K

“We became aware of the dusting attack on Saturday morning when one of our binance angels had received a small amount of LTC into their litecoin wallet.”

Jan Happel, co-founder of blockchain data provider Glassnode, looked into the dusting attack to confirm the extent of it. Although Binance reported that 50 users had been affected, Happel believes that the scale was much more widespread, with almost 300,000 LTC addresses showing signs of dusting. Possibly even more interesting was the extra data that came up, showing a previously unreported dusting attack that occurred earlier this year in April. Happel told Cointelegraph:

“We have done a quick query into the LTC blockchain and analyzed the number of utxo's that carry a smaller value than the mean tx fee that day. If a UTXO contains less balance than the minimum amount required to spend it (fee) that day, it becomes stuck/unspendable — this is what we technically define as dust.”

The graph below shows the reported volume of dusting attacks that affected LTC wallets.

New UTXOs with less LTC than mean transaction fee that day

The key to a dusting attack is the unspent transaction output (UTXO). This is like a signature assigned to any unspent value, and when a transaction is completed, many of these UTXOs are merged to make up the transaction amount. By tracking these UTXOs, someone can track different wallet addresses to one specific user. The concept of dusting attacks became prominent in 2018, when Samourai Wallet warned<