skip to Main Content
Crypto Dusting - Blockchain Spam - Corrodes Reputations - Cryptocurrency AML

ALERT: Crypto Dusting is a New Type of Blockchain Spam that Corrodes Reputations and Impacts Cryptocurrency AML

People use mixers/tumblers as an attempt to preserve privacy when transacting with Bitcoin and other cryptocurrencies by obfuscating their money trail. These services typically do not require Know Your Customer (KYC) checks, and they are primarily used to anonymize fund transfers between services. This might lead to the logical conclusion that mixers are almost exclusively used for laundering money or hiding profits from illicit activities. But this is not always the case: some users have innocent or political reasons for wanting to remain anonymous.

Nonetheless, once these individuals move these tainted crypto assets into regulated exchanges or other financial services, they may be flagged by Anti-Money Laundering (AML) compliance regimes. These AML scoring mechanisms alert the service where they wish to deposit the crypto that their funds have originated/transacted with a mixer. In other words, their crypto has become “tainted” by being associated with the address of a mixing service.

Call it crypto dust or call it spam
On October 23rd, Bitcoin users began receiving miniscule amounts of BTC from along with a promotional message promoting their service, which allows users to mix Bitcoin, Litecoin, and Bitcoin Cash. These tiny transactions essentially amounted to a cost-effective mass advertising campaign. Had they used Google Adwords, for example, it may have cost more than $1 per click.

But unlike spam advertising, crypto dusting is not harmless. By running a malicious advertising scheme that involves sending Bitcoin to the top BTC addresses, BestMixer is technically tainting these addresses by causing them to transact with a mixer without their consent. As time progresses in the cryptocurrency world, this form of spam may soon become a primary technique for bad actors to spread taint and contaminate legitimate users in massive dusting campaigns.

We coined the term “Crypto Dusting” because the event was first described as a “dusting attack” on Twitter and Bitcointalk on October 24th, 2018. This is due to the fact that they are tainting various addresses within the blockchain by sending miniscule amounts of BTC over a period of time—similar to scattering sand across a table with tiny grains dusting the entire surface.

Why are they doing This? It’s an attempt to foil blockchain analystics tools
Initial reports erroneously described the dusting attack as an attack on privacy. Bitmixer is obviously trying to get marketing coverage for their mixer. Bitmixer promotes themselves as the only legal bitcoin tumbler offering blockchain analysis resistant coins.” Bitmixer is based in Curacao which the US Department of State has again named among the ‘Major Money Laundering Jurisdictions’ in its new International Narcotics Control Strategy Report. They claim it is legal because they are operating in a country with weak AML regulations.

They typically charge up to 3-5% per transaction, so marketing their money laundering and mixing services is in their best interests. If a mixing service like this can mix $100M per year, they are making $3-5M a year from operating a small server in a Curacao.

And so a new form of spam is born
The first response after the mass send was the post below on BitcoinTalk.

Following this post, the BestMixer team released a statement:

“A new advertising technology invented by our mixer. In short, every day we send to bitcoin wallets of all active users a noticeable amount of 0.00000888 BTC, which is accompanied by a comment about BestMixer service.”

However, to get access to their message, you would have to be looking at raw blockchain data, which no consumer is doing. So, this is either a message to large-scale money launderers or a taunt.

But, the other reason to “dust” so many addresses is an attempt to foil blockchain analytics tools which is their stated objective. The idea here is to taint every address that is known at main exchanges to show that they all receive transactions from money laundering services. This is an attempt to “dust” every address with money laundering funds, thereby soiling virtually every user’s reputation.

To defend against these types of blockchain tracing attacks, CipherTrace is responding on multiple levels. Beware mixers and traffic from their associated domains.

Contact CipherTrace to discuss defenses to defeat dusting attacks, actionable mixer intelligence and achieving high-integrity cryptocurrency risk analytics.

Back To Top