Malicious actors or tracking entities send tiny, fractional amounts of cryptocurrency (known as dust) to public high-value addresses. They do this to try and unmask the identity of the owner when those small amounts are bundled and spent later on.
As of mid-2026, the address 1E87cVPLZ938w7vYEA1e9RWSc8mESPA3J5 maintains a balance of approximately . 1e87cvplz938w7vyea1e9rwsc8mespa3j5
When you upload a file to a service like AWS or Google Drive, the file is often renamed to a string like this on the backend to prevent naming conflicts. Malicious actors or tracking entities send tiny, fractional
Despite extensive research, no concrete information about the code's origins has been found. It's possible that the creator of the code intentionally designed it to be indecipherable, or perhaps it's simply a meaningless sequence of characters. When you upload a file to a service
“Difficult to remember. No customer support. Keeps asking me to ‘enter a valid reference number’ when I try to paste it. Would not recommend memorizing this. Also tried to use it as a Wi-Fi password—did not work. The ‘cvplz’ part feels like it’s begging, but I’m not sure for what.”
: While the address is public, it does not reveal the owner's real-world identity unless it has been linked to a KYC-verified account (like a centralized exchange).