Stablecoin-related dust activity is now estimated to account for 11% of all Ethereum transactions and 26% of vigorous addresses on average daily, after Fusaka’s update made transactions cheaper, according to Coin Metrics.
Hoovering attacks are a form of address poisoning in which attackers send tiny cryptocurrency transfers from identical wallet addresses to trick users into copying the wrong address.
Ethereum is currently averaging over 2 million transactions per day, which skyrocketed to almost 2.9 million in mid-January, along with 1.4 million vigorous addresses per day – a 60% escalate over previous averages.
Fusaka’s December update made the network cheaper and easier to operate by improving onchain data handling, reducing the cost of sending information from the Layer 2 network back to Ethereum.
Digging through the dust on Ethereum
Coin Metrics said it analyzed over 227 million balance updates for USDC (USDC) and USDt (USDT) on Ethereum from November 2025 to January 2026.
It found that 43% were involved in transfers of less than $1, and 38% were involved in transfers of less than one penny – “amounts with no significant economic purpose other than to replenish the wallet.”
“The number of addresses holding tiny ‘dust’ balances, greater than zero but less than 1 native unit, has skyrocketed, equating to millions of wallets receiving tiny poison deposits.”
Before Fusaka, stablecoin dust accounted for approximately 3-5% of Ethereum transactions and 15-20% of vigorous addresses.
“After the Fusaka conference, these numbers increased to 10-15% of transactions and 25-35% of active addresses on a typical day, an increase of 2-3 times.”
However, the remaining 57% of balance updates were for transfers above $1, “suggesting that the majority of stablecoin activity is organic,” Coin Metrics said.
Users must be careful about address poisoning
In January, security researcher Andrey Sergeenkov pointed to a 170% escalate in the number of fresh wallet addresses in the week of January 12 and also suggested that it was related to a wave of address poisoning attacks taking advantage of low gas rates.
These “hoover” attacks typically involve malicious actors sending fractions of cents worth of stablecoins from wallet addresses that resemble legitimate addresses, with the goal of tricking users into copying the invalid address when making a transaction.
Related: Ethereum’s rise in activity can be linked to choking attacks: researcher
Sergeyenkov said that $740,000 has already been lost due to poisoning attacks. According to Coin Metrics, the top attacker sent almost 3 million transfers for just $5,175 in stablecoins.
Dust has no real economic operate
Coin Metrics reported that approximately 250,000 to 350,000 Ethereum addresses per day are involved in stablecoin dust activity, but most of the network’s development has been genuine.
“Most of the post-Fusaka increase reflects actual use, although dust activity is a factor worth noting when interpreting headline metrics.”
Warehouse: DAT Panic Throws Out 73,000 ETH, India’s Crypto Tax Remains: Asia Express
