Dark Web marketplace “Nucleus” vanishes – and no one knows why

A Naked Security reader pointed us at an intriguing story: news of the implosion of yet another Dark Web online store.

Most computer users will have heard of Silk Road, without doubt the best known and most notorious Dark Web market, where customers could order all sorts of contraband, from illegal drugs and fake IDs to computer hacking services.

Silk Road stopped trading because its founder and (for want of a better term) CEO, Ross Ulbricht, was tracked down after years of anonymity and prosecuted.

It didn’t end well for Ulbricht: he was found guilty on five different criminal charges and sentenced to life in prison with no possibility of parole.

In fact, Ulbricht got two life terms, plus a 5-year, a 15-year and a 20-year stretch thrown in for good measure, with the cold comfort of having the sentences run concurrently.

We’ve also written about the trials and tribulations of other underground marketplaces, such as Silk Road 2.0 (site busted by law enforcement), Evolution (founders ran off with the money) and Agora (self-suspended during security troubles due to a software vulnerability).

Collapse of the Nucleus

This time, it’s a drug-related market called Nucleus, and no one seems to know quite why the site has vanished.

Busted? On the run from law enforcement? Doing a giant bilk? Hacked through a security hole? Hit by ransomware?

Dark Web sites are typically accessed via The Onion Router, or Tor, a popular online anonymity and privacy tool that can be used for good or evil.

Tor “bounces around” your internet traffic to disguise where you’re coming from when you’re browsing the regular internet, so you can use it to avoid being tracked more closely than you might like.

But if you use Tor to visit regular websites, the last hop of your traffic still has to go over regular paths; even if that traffic can’t be traced back to you or decrypted in transit, the site at the other end can be identified and perhaps hacked or at least taken down.

That’s why Tor also supports so-called hidden services, which have special URLs ending .onion, where your anonymised network requests are not only bounced around inside the Tor network, but also processed and answered from inside Tor.

This makes it hard to find the servers behind a hidden service, which in turn makes it hard to block that service, even if it’s clearly breaking the law by selling firearms improperly or trafficking in illegal drugs.

This, in turn, means it’s hard to measure what’s really going on in the Dark Web, and how many underground marketplaces exist to bring buyers and sellers together.

How many Dark Web markets are left?

A blogger going by Gwern has put together a chart of known Dark Web markets, listed in order of their first appearance, and it makes fascinating viewing (click for the original at full size):

Even though recent research suggests that there are several tens of thousands of Dark Web sites, we suspect that many readers will be surprised at just how many markets like Silk Road there have been…

…but perhaps not so surprised at how short-lived many of them have turned out to be.


Image of Dark Web courtesy of Shutterstock.com