There’s an interesting pattern emerging amongst active Litecoin addresses on the network that suggests large periodic automated actions are being taken by an unknown entity.

On average the network typically sees around 40,000 active addresses per day, however according to data from bitinfocharts, every 7 days this value is spiking to over 70,000 before abruptly dropping back down. This has resulted in an almost sawtooth like pattern that’s pretty evident given a cursory glance.

This behaviour appears to have begun on the 20th of August 2019 and has continued to occur every week since to varying strengths. Prior to this a very noticeable dust attack occurred on the 10th of August 2019. Unless a large economic network entity has implemented a method for automatically managing and moving its Litecoin holdings (something that would seem unnecessary to this degree and so often), then it appears this activity may be related to the august 10th attack.

Dust is a small amount of Litecoin, usually worth factions of fractions of a penny, that can’t be spent without being included in a transaction along with the victims other funds, thus linking ownership of assets. If the two are connected then it seems the attacker has chosen to scale back their operations and push out less dust more often based on other active users during each weekly period. This would allow for the creation of a set of more detailed and useable insights when attempting to track and map the interactions between participants.

Without access to more data tools for the Litecoin network, it’s hard to properly analyse the actions behind the behaviour, what is clear though is that total number of transactions aren’t spiking and average value being sent is also uncorrelated. If it is later confirmed to be dust attacks then unfortunately unless those mining the network set new rules to mitigate the spread of such dust, or non mining nodes economically pressure miners to implement those rules then there’s not much anyone can do besides try to ignore the dust in their wallets.

Ultimately it would be up to the network participants to tackle this issue or pressure change, that is if a majority even see this as an issue that requires such action and if there is an effective set of rules that could be applied to isolate and reject spam without effecting legitimate network usage such as development and infrastructure testing.