Ethereum transaction volume recently hit a record high, but the crypto community warns that behind this surge in transactions lies a large amount of “dust attacks,” putting user funds at risk.
（Background briefing: Signal before Ethereum’s surge? Transaction volume hits a record high, but transaction fees are the lowest ever）
（Additional background: Perspective: Why I am not optimistic about Ethereum now?）

Table of Contents

• The “dark side” of the transaction volume surge: address poisoning and dust attacks
  • De-anonymization and subsequent targeted attacks
  • Address similarity deception
  • Malicious tokens or contracts triggering wallet drains
• User protection tips

Recently, the Ethereum mainnet transaction volume has reached a new historical high. According to on-chain data, on January 16, the number of transactions exceeded 2.88 million, breaking previous records. On the surface, this surge was seen as a positive signal by the market, indicating a recovery of the Ethereum ecosystem, increased user activity, and possibly driving ETH prices higher. Low transaction fees and network optimizations from the Fusaka hard fork have also contributed to a smoother transaction experience.

However, crypto KOL @jason_chen998 pointed out on X platform that behind this seemingly prosperous transaction volume, there are serious security concerns.

Behind Ethereum’s record high mainnet transaction volume, 9 out of the top 10 generated contracts are all hackers wildly injecting poison and phishing. These contracts send small amounts of funds to thousands of addresses every minute for dust attacks, with three main purposes:… https://t.co/PeOuS5IFZI pic.twitter.com/XjoMsyYjVw

— Chen Jian Jason (@jason_chen998) January 20, 2026

The “dark side” of the transaction volume surge: address poisoning and dust attacks

Analysis shows that the recent sharp increase in Ethereum transaction volume is mainly driven not by genuine user demand, but by large-scale address poisoning or dusting attacks. On-chain data indicates that among the top ten contracts generating transactions, nine are malicious contracts, sending tiny amounts of funds (dust) to thousands of addresses per minute.

The main purposes of these attacks include:

De-anonymization and subsequent targeted attacks

Hackers send micro-funds to numerous wallets to trace fund flows, analyze relationships between wallets, and infer the real identities behind the wallets, preparing for phishing or social engineering attacks.

Address similarity deception

Many users tend to copy recent transaction addresses when transferring funds. Hackers quickly generate fake addresses very similar to the original addresses’ first and last characters, first sending small dust amounts to appear in transaction history, tricking users into mistakenly transferring large sums to hacker addresses next time.

Malicious tokens or contracts triggering wallet drains

Some dust contains malicious tokens or links to malicious contracts. When users interact with these funds, hidden code may be triggered, directly authorizing or draining the entire wallet assets.

Research indicates that since the Fusaka upgrade in December 2025, Ethereum Gas fees have significantly decreased, making such large-scale spam attacks very low-cost and highly profitable.

User protection tips

Faced with these hidden risks, experts offer the following practical safety tips:

• Carefully verify transfer addresses, avoid relying solely on copying transaction records.
• Use hardware wallets and enable address book features, only transfer to whitelisted addresses.
• Do not interact with dust from unknown sources (including sending out, Approving, or Swapping); simply ignore it.
• Regularly revoke suspicious authorizations.
• Enable wallet features like “Hide small balances” or dust protection.
• Avoid publicly exposing wallet addresses to reduce the risk of becoming targets.