Ethereum Users Warned as USDT Dust Attacks Surge 612%
Researchers trace the spike to lower transaction fees after the Fusaka upgrade and caution users to double‑check destination addresses.
The Ethereum ecosystem is witnessing a dramatic rise in “dust” attacks, small‑value token transfers that are used to poison wallet address books. Data compiled by blockchain analytics firm Wise Crypto shows that transfers of USDT valued below one cent have increased by more than sixfold in the weeks following the December 3 2023 Fusaka network upgrade.
What the numbers show
| Token | Dust transactions (pre‑Fusaka) | Dust transactions (post‑Fusaka) | % Increase |
|---|---|---|---|
| USDT | ≈ 4.2 million | ≈ 29.9 million | +612 % |
| USDC | ≈ 2.6 million | ≈ 14.7 million | +473 % |
| ETH | – | 65.2 million new transfers* | +470 % |
| DAI | – | – | +62 % |
*The 65.2 million figure refers to newly observed “dust” transfers of ETH, which also climbed sharply.
The surge is not limited to stablecoins; native Ether and DAI transactions of negligible value have also risen, indicating that attackers are exploiting the lower gas costs across the board.
How the attacks work
Dust attacks are a form of address‑poisoning. Malicious actors send a tiny amount of a token to an address that closely resembles a legitimate one—often differing by just a few characters at the start or end. Wallet interfaces that display abbreviated addresses can make the counterfeit entry appear authentic. When a user later copies an address from their transaction history, they may inadvertently paste the poisoned address, sending a larger amount of funds to the attacker instead of the intended recipient.
Recent high‑profile losses
- In December 2025, on‑chain analyst “Specter” reported a victim who lost roughly $50 million after falling for an address‑poisoning scam.
- Another community member disclosed a single wallet that surrendered $388 k after replying to a Wise Crypto post on the topic.
These cases underscore that, while only a tiny fraction of dust attempts succeed (about 1 in 10,000 according to Etherscan), the sheer volume of attacks makes the tactic financially viable for criminals.
Why the spike now?
The Fusaka upgrade, which aimed to improve Ethereum’s scalability and reduce transaction fees, inadvertently lowered the cost of sending dust transfers. Researchers note that the reduced gas price allows malicious scripts to broadcast millions of low‑value transactions without eroding profit margins. As a result, attackers have been able to scale their campaigns dramatically.
Industry perspective
A study covering July 2022 through June 2024, presented at the USENIX Security Symposium, identified 17 million phishing attempts targeting about 1.3 million Ethereum users, resulting in losses exceeding $79 million. The research highlighted that the “industrialized” nature of these scams relies on brute‑force quantity rather than precision targeting.
Etherscan’s analysis adds that a single successful large‑value theft can offset the cost of thousands of failed dust attempts, reinforcing the economic incentive behind the volume‑driven approach.
Recommended safeguards
- Verify the full address before initiating any transfer. Use the clipboard copy‑paste function only for addresses obtained from trusted sources.
- Avoid reusing addresses from recent transaction histories without cross‑checking them against the intended recipient.
- Enable address‑whitelisting or multi‑signature controls where supported, especially for high‑value wallets.
- Stay alert to notifications: automated scripts can generate dozens of warning messages in seconds after a legitimate transfer, as reported by an X user who received 89 alerts after just two stablecoin moves.
Key takeaways
- Dust attacks on Ethereum have risen sharply, with USDT transfers under $0.01 up 612% since the Fusaka upgrade.
- Lower gas fees have lowered the barrier for attackers to flood the network with malicious micro‑transactions.
- Address‑poisoning remains a high‑risk vector, capable of causing multi‑million‑dollar losses even though individual attempts succeed rarely.
- User vigilance is the primary defense: always double‑check full wallet addresses and avoid copying them from abbreviated transaction logs.
As Ethereum continues to evolve, the community and infrastructure providers will need to balance performance improvements with safeguards against abuse. Until more robust mitigation mechanisms are deployed, the onus remains on users to adopt stricter address‑verification habits.
Source: https://cryptopotato.com/ethereum-users-warned-as-usdt-dust-attacks-jump-612/
