In 2015, Nucleus Market was allegedly hacked and went offline after vendors started complaining that their accounts had been compromised. Some even said that their funds went missing after being locked out from the site. Nucleus Market operated as a dark web portal for selling drugs and other illicit items.
Nucleus Market admin was quick to reassure everybody that they wouldn’t run away with people’s money. This is after some users suspected the site was planning an exit scam similar to Evolution. Their support team calmed tensions by posting on an online thread, mentioning Nucleus Market would be back in approximately 5 days. Though some vendors were affected, they were able to shut down servers quick enough before further losses could be incurred.
A message posted on top of the community forum said that administrators were “not running away,” and the forum will continue running as the Nucleus Market servers underwent “big changes.” After the purported hack, an anonymous account holder named “nucleususer69” claimed responsibility for owning the wallet containing a stolen set of bitcoins. This was before they were drawn to other e-wallets and a “fix” bounty demanded.
One drug dealer operating on Nucleus Market also complained in an encrypted chat interview that the support team personally suspended his account, which happened after he asked them about the alleged hacking event. This was done to prevent unsuspecting customers from placing orders.
In order to show that he actually owned the bitcoin wallet account in question, which carried encrypted currency worth over $50,000, nucleususer69 posted an online cryptic text reading “Ahoj friends, how much for the explanation and solution,” including details of the wallet address that contained the seized funds and even a cryptographic signature. Generally, bitcoin wallets represent cryptographic keys with a publicly viewed half, and the other side containing wallet address code completely kept secret.
It’s possible for one to sign off a message using this other concealed half and verify its authenticity through a public wallet address. Individual researchers later on ascertained that the text nucleususer69 posted was actually signed from a wallet containing stolen bitcoin sums, indicating the hacker might as well have been controlling the wallet.
Though Nucleus Market breakdown was likely caused by this particular hack, it didn’t come as a surprise to some people, given that the dark web is naturally unpredictable and anything can happen. “nucleususer69” might also have been part of a wider scheme trying to assume all credit for this misdemeanor, in exchange for pre-agreed bounties. A con game involving admin who would have tried to distance themselves from the hack by blaming a proxy they hired. At that particular point, hacked sellers had no other option but to wait for the said 5 days, hoping their money was still intact when Nucleus Market came back to normal.
Prior to the hack, warnings had already been made on various sections of the net. Nucleus Market users were told to beware since there was an extremely large number of phishing sites targeting account holders; this could be seen from various posts on Reddit targeting the dark web site.
Registration process on the market required a user name and a password of choice, as well as captcha verification like many other similar darknet markets. With listings shown in separate fields and having their own unique image, seller name and 5 star-based rating for buyers to see.
Nucleus Market, a normal escrow marketplace on the dark web, launched in November 2014, initially without a system for accepting, receiving or using escrow though later on this was introduced and led to an expansion in market base. One reason why Nucleus Market became so popular within a short period of time was because it offered users a variety of cryptocurrencies for payment, apart from Bitcoin there was also Litecoin and Darkcoin.