Researchers report a sharp surge in Ethereum dust attacks following the network’s December Fusaka upgrade. Analysis shows stablecoin transfers under $0.01, particularly for USDT and USDC, increased by over 600% and 470% respectively. Security experts link the rise to reduced transaction fees, which enable attackers to send millions of low-value, deceptive transfers in industrialized scams targeting high-value wallets.
Security researchers warn that address poisoning scams on the Ethereum network have increased dramatically. Analysis of the 90 days before and after the December 3 Fusaka upgrade indicates a steep rise in these dust attacks.
Dust transfers exploded after the upgrade reduced network fees. Researcher Wise Crypto wrote that USDT transfers under $0.01 rose 612%, while similar USDC transactions increased 473%.
Attackers insert fake addresses with similar beginning and ending characters into a victim’s transaction history. The hope is users will mistakenly copy these addresses when sending funds, as wallet interfaces often display shortened versions.
In one case, an on-chain investigator reported a victim losing $50 million in a late December attack. Another user reported a single wallet address losing over $388,000.
Analysts at Etherscan attribute the problem to the fee reductions from the Fusaka upgrade. This change allows attackers to run high-volume campaigns at a lower cost.
A security study found over 17 million phishing attempts targeting Ethereum users between July 2022 and June 2024. These attempts resulted in over $79 million in losses.
The method relies on scale, with dozens of poisoning transactions sometimes occurring minutes after a legitimate transfer. An X user reported receiving over 89 notifications after just two stablecoin transfers.
Only one in every ten thousand dust transfer attempts is successful. “A single successful attack involving a large transfer can easily cover the cost of thousands of failed attempts,” Etherscan explained.
According to Wise Crypto, the best defense is to always verify the full destination address. Users should avoid copying wallet addresses directly from their transaction history.
