Nucleus Megathread -- All discussion to take place here, new threads will be removed

All Nucleus discussion should take place in this thread. All current threads will remain active, but any new threads will be removed without warning.


Obviously, there is quite a bit of commotion going with surrounding Nucleus and the front page is swamped with what may be fact and what may be FUD.

It doesn't matter if you have made your point in another thread, this is the thread where people need to post theories, evidence, hypotheses, and whatever information they would like to debate.

There are far, far too many posts about this and it has gotten out of control. If you have information that you would like to contribute, please check to see that a parent comment on the subject hasn't been started. Only if there is none, state your case. If the discussion has already begun in another parent comment, make sure you keep your statements and discussions in that conversation.


Timeline of events

July 19 2015 -- /u/srkeyhead posted about a Nucleus outage
23 hours ago -- /u/Raising_TheBar posted about Nucleus stealing vendors accounts and changing their passwords
23 hours ago -- /u/DrXanax confirmed this happened to his account
19 hours ago -- /u/PureNucleus, who claims to be a forum moderator, says the market is up and functional
19 hours ago -- /u/nucleusexitscam found a wallet where a decent amount of BTC were moving to from Nucleus wallet
13 hours ago -- /u/32323D20 found another wallet where funds were being drained to
10 hours ago -- /u/nucleusFucked initiated cruise control for cool saying we mods should do something
6 hours ago -- /u/LoudRooster wrote a nice thread about the recent issues with FUD and crying wolf


Comments


[34 Points] LONDON-UNDERGROUND:

Hello guys,

We are a vendor on Nucleus and can confirm that we have been locked out of our account. Was working fine hours ago.

We are security minded individuals, we use 2fa - something dodgy is going down for sure.

It doesnt really make sense for the mods to go about it this way - so there is a chance its a hacker, or rogue admin...

Either way - stay clear!

Cheers,

L-U


[24 Points] QuantikXanax:

My password was changed too. my PGP key was changed on nucleus as well. DO NOT ORDER FROM ME ON NUCLEUS until things clear up.


[22 Points] Skandalabz:

Nucleus vendor here. Tried to login around 30 minutes ago and didn't worked. Apparently my password was wrong so I had to reset it (using the password reset tool) in order to gain access to my account (I use 2-FA). After that i have been able to log in but the site went down a few minutes after. I only had time to reply to one of my many messages...

I can't say if all the coins from my active transactions in escrow were released and stolen since I have not had time to check.

The site appears to be down atm.

UPDATE

I confirm that my active transactions in escrow were released and the btc's were stolen


[17 Points] Axaq:

Something isn't right, they would have dispelled the claims by now otherwise. I think you should reconsider a warning temporarily, something is going on and you need to try and prevent any further loss of coins.


[17 Points] CDXXRoman:

This looks more like a LAW ENFORCEMENT sting.

Take control of the site

Keep the site up

Take control of all the vendor accounts

Get everyone to send you money and addresses.


[10 Points] throwawayk5zq47j6wd3:

All those who called out Nucleus just months ago were right... glad I listened and went to Agora after EVO's bullshit.


[12 Points] dicked_by_nucleus:

It was the nucleus admin vrc that was advising everybody to lower their TOR browser security level. This guy does not know how to run a market or learn proper opsec.


[11 Points] Lucid_Enemy:

VRC must have clicked a phishing link.... this explains it all...


[11 Points] PureNucleus:

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Pure here,

So even I, who own a customer account with 0 balance can no longer access that account. So this must be some server misconfiguration. I haven't spoken with VRC and neither has Supporter (to my knowledge) but my theory on the wallet where all the coins are going are of 1 of 2 things.

A) VRC is moving funds to a off-site/cold storage wallet or B) A hacker has found an exploit of some sort. The server is ran via nginx so we can rule out the possibility of warning, clear-net site (google) https://technet.microsoft.com/library/security/MS15-078 - but we don't run MS so that's ruled out.

I am trying my hardest to get in contact with VRC and I've sent a request to Supporter for a torchat discussion so maybe we can fill ourselves in a little to inform you guys.


One thing is for sure however, VRC has paid both Supporter and I (at least myself I know for a fact) every week since I was promoted to a moderator. Payments usually came around mid-week but I received mine last night (Sunday). This shows some character in our Admin. But one thing is for sure, Supporter and I empathize with every vendor and customer on the site during this harsh time.


UPDATE: I have just come across some valuable information that can possibly support this is a hack/exploit and no corruption within the Administration. The info I got was was from a Vendor who reported that 5 top-notch Vendors on the market all had their funds drained and all 5 of these different vendors had their PGP key replaced with the same key. I am fairly certain that someone has exploited the system. For now, I recommend anyone with any sort of balance worth anything to them to withdraw the funds to another wallet until this is cleared out.

The issue has became more than less apparent this is a hacker(s). I will keep you posted.

I am on TORCHAT and Jabber/XMPP (must use OTR if we speak) if you have any questions that are reasonable. I don't run the site nor do I know the internals of it. Keep in mind TORCHAT takes hours to load for me at times but at the time being, I am on Jabber/XMPP.


TC ID: 2ldi3t3m57y7fxyv

XMPP: Pure@jabber.cz

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

iQEcBAEBAgAGBQJVrcMmAAoJEMTjwPSMX93wHCcIAKD1QhKogT1Sw6nF/ZYUeFnB C8ZCrAguW8SEfY3x4JFmAjNQwxMBFerApe11VHy4mjRa/kfXbB+DzizYiiBAB6n0 2IILB71t+Dpbz4aZLbUIhCd+nawX06Yy4QGe9Iug8dzqWXAesBQ13vEk+u+9H+iN +JB2Yaa1gNQbki320j5mRPPJSJ+d7HfaXOlOasM5JAOXUGPA2baMUrjs4BOy830f GVcNNo0AVv0ZOBoqyPc4oQJzv3fxy2/idwvt32BM1BHQ7RR9C9m4AtQFSs0y/wfX gkDr14NRUUO0pc+HgCdGlmNMuLvb7FldnQ+f0xh549wPulmBLeuNmJM68Hmn8Ls=

=4atZ

-----END PGP SIGNATURE-----


[9 Points] gramsadmin:

I just fixed my scraper for their site last night. There was a bug which wasn't getting all the listings. So now it works perfect. I am going to be pissed if they are exit scamming :-(


[5 Points] BobArctor_007:

I'm a vendor on nucleus, so I suppose I should contribute to the thread. I have had no issues what so ever. A few moments ago I successfully withdrew coin.

If something is going on I would guess it's either a rogue employee or they got hacked.

My other theory is that maybe some of these vendors are taking advantage of the nucleus distrust and are pulling their own scam.


[6 Points] Axaq:

/u/MLP_is_my_opsec /u/theeconomist1 Pull the plug, I've had no response reaching out to VRC and scam threads on the Nucleus forums from yesterday were all pulled.


[3 Points] rogueXleader:

Thanks /u/MLP_is_my_OPSEC . This is a good way to go about things


[6 Points] rogueXleader:

"Registrations allowed!! Until we will be overwhelmed by spammers again. We need to do some big changes on the server, so Nucleus will be offline for 5 - 7 days. We are not running away - Nucleus is like our kid and we are not going to let him down. But feel free to express your feelings... Forum will be online and we will update you as soon as Nucleus will be back online."

This is posted on the top bar on their forums. You've got to be kidding me the market is going to be offline for a week!


[4 Points] The_Grid_Is_Up:

Fact or FUD. I like that.


[5 Points] pt_LeslieDancer:

Successful withdraw for me about 2 hours ago, good luck everyone, notify your vendors asap


[3 Points] mad87645:

OK kiddywinks. Gather round and place your bets on which is going to become the new #2 market.

I got $20 on Alphabay


[3 Points] grandpajoe_dnm:

Hey folks, just wanted to toss out a quick note. I was able to log in and wd funds w/o any problem on Saturday evening so if you placed an order before then it's gone out the door. I was planning on going back on vacation mode this week so if you placed an order at some point between then and when the site went offline you're most likely gonna have your order autocancelled, my apologies.

I'll be back off and on for the next month or two at which point I'll figure out whichoptions to go with (Alpha, Agora, TMG, Direct, etc.)

Love ya and stay safe

GPJ


[1 Points] disposable_UK:

I saw on their forum that TechnoHippy's PGP has changed too.

http://z34uj4opd3tejafn.onion/viewtopic.php?pid=90975#p90975

And Mirkov.

http://z34uj4opd3tejafn.onion/viewtopic.php?pid=91018#p91018

I was skeptical to start with but am getting suspicious now.


[3 Points] dillon5294:

I added roughly 1.8 btc into my nucleus account last night and then successfully withdrew it into my middle earth account earlier today.


[2 Points] RippenStein:

AAAAANNNNNNNNDDDDDDDDD its GONE with all your BTC!!! Vendors need to open their own shops and decentralize. How many times does this shit have to happen before the dolts realize admins will keep doing this.


[2 Points] mouthEXPLOS1ON:

I smell bacon...


[2 Points] attilathehunn:

Use multisig(!)

Vendors increase your prices for non-multisig


[2 Points] noseybast:

when nucleus started up until a couple of months ago (when post evo it kicked off) there were 2 admins, VRC and PEZ, the second of which has been AWOL for the past couple of months, last forum post 2 months ago (from memory don't quote me), VRC handling support tickets alone. What happened to that nigga?


[2 Points] chlorine17:

If i have a transaction marked as shipped with a vendor - ha been in contact and they confirmed it shipped, then if nuc is down how do I release the coins once it comes and leave review?


[1 Points] None:

[removed]


[1 Points] Sansasaslut:

I don't think it's a major thing to be worried about. Just withdrew my coins from there and they came out fine (only had .6 on nucleus)


[1 Points] izza123:

Im having no problems getting into an account, and support is replying to me regarding an escrow issue.


[1 Points] testjustin:

No surprises here then. Rogue admin I bet.

This has been going on for months but to buyers. Now whoever has turned to the vendors.


[1 Points] Jedy15:

Sad news, lost 0.1 btc on nucleus.. But I decided to try a different market and bought Merkush a free sample)) vendor replied promptly, support commented, sit and wait. let's see as guys from Tochka.


[1 Points] VamonosDab:

Hey guys, ISO BlocElms47 on Nucleus. Paging BlocElms47 on Nucleus. Anybody?


[1 Points] Andman17:

I can't even log in. The site seems to be down. What gives?


[1 Points] WonkyWarrior:

The forums are now also down???????


[1 Points] None:

Sooooooooo back to Agora?


[1 Points] 1sttimednm:

Someone correct me if I am wrong...but are we not in this 5-7 day window mentioned on the forums?


[1 Points] JustBenDover:

Nucleus is back online!


[1 Points] Bobthebuilder1999:

Technohippy can be found at nucleus, dream, and alphabay


[1 Points] symonknine:

Hello guys, I am a medical student just having a difficult time finding useful material online. anyway, that's not why i'm here. I'm actually here for a favor .. I need a professional to help me gain access to a certain fb account, i'm willing to pay for the service through bitcoin. I've been trying with some websites like hackerslist, but I'm afraid the feedback is poor to none. Can anyone point me in the right direction as to where i can find a legitimate hired service, please.

Thank you.


[1 Points] None:

I'm calling it now. Incoming exit scam


[1 Points] None:

Lost all my btc on nucleus 😧


[0 Points] caliburn99:

Will not be LE or if it is it will be corrupt LE. They wouldn't steal the money, just cold store it and auction it off as proceeds of crime once it was no longer needed for evidence.

Could be an exit scam a scam but the way accounts are being compromised and emptied just doesn't fit, much easier ways to make off with all the money in the market if you own the market then what is being reported as happening.

Logical assumption would be a compromised server/admin account, the first being more likely as they appear to have to compromise vendor accounts one at a time.

Follow the advice already posted, withdraw funds if you can, use another market and await more reliable information.


[0 Points] badluckjustintime000:

vrc has just commented in two threads in the Nucleus tech support subforum. Apparently he/they are working on resolving the issue.

There are still new threads appearing of vendors who were locked out of their accounts, but less. Basically all large German, UK and NL vendors were targeted. Some accounts were flagged with 'Ongoing investigation' during the last hours.


[0 Points] 1sttimednm:

We need to do some big changes on the server, so Nucleus will be offline for 5 - 7 days. We are not running away - Nucleus is like our kid and we are not going to let him down. But feel free to express your feelings... Forum will be online and we will update you as soon as Nucleus will be back online.

Well fuck me....Just signed up sunday and placed my 1st order. It was marked as shipped, but what happens if I do not get it?

I did not FE, just concerned as I can't log into mark it as recieved or stop the auto finalize.

Also disappointed as I bought something and just saw a threat for the vendor under dosing.

Oh why did Agora have to have closed registration?

I figured out the PGP stuff, got tails running, did the bitcoin thing...and now this.


[2 Points] Williewonkka:

You've got to be kidding me?! I have 200 in nucleus!! Is this an exit scam?? Am I fucked once again just like Evo? My nightmare is coming back again!!


[0 Points] criticalthinker615:

Does anyone know what would happen to an order that was waiting to be accepted/marked shipped? Like will I lose my coin?


[0 Points] drupe14:

anyone place an order of xanax before the site going down and never received package? Trying to remember the vendors name so i could maybe contact directly but no chance...memory is shite

Update: Order received and added 5 more bars ontop of my order. :) forget your name, Sir vendor but tankzzz


[0 Points] sashawlsn:

A few days before Nucleus got shut down, I ordered 2g of shatter from Humbolt farms, It hasnt arrived yet but I ordered it about 4-5 days before the market closed, is there any way to get in contact with Humbolt farms? Thanks


[0 Points] FastDonut:

My Nucleus account has also been affected. I warned many over on thebarbarians but a lot of my customers lost their money. Fuck Nuc


[0 Points] willycloaks:

http://z34uj4opd3tejafn.onion/viewtopic.php?pid=93763#p93763

Notice how Pure avoids writing this scammy message on reddit?

"This is a message I received from VRC yesterday:

"I have caught some sickness, so I am able to be online only for limited time per day... sad

We are still working on it. Nucleus should be much quicker and much resistant to DDoS attacks afterwards:) And maybe we will improve some features."

The site is not going down. I assure you that. We'll be back up soon. Don't just to conclusions. If this was an exit scam why on Earth (and give me a single good reason) the forum would still be up? For hope? The entirety of that concept makes more than no sense."


[-2 Points] DnmAvenger:

OK guys... I am very curious. I have not had any issues with Nucleus ever, and none of the vendors I use there have had any problems that I know of. I am curious if all the loudest noise makers are just a bunch of crazy Nuc haters/other market fanboys. Any real evidence yet? By evidence I want to see posts from very well known vendors. Where the fuck is GrandPa Joe.... Cannaxpress000.... Shit where is humboldt farms.... ( I think all those guys are over there) Big vendors I know have some Reddit presence. That is who I want to hear from. Not a bunch of theorists or vendors I have never heard of ( no offense you guys) I have seen london-underground around and ajax and HC (although no one really likes HC). Still I have only seen a very few vendors listed and no users. I want to hear it from the horses mouth.

I noticed VRC said he has figured out a way to return any missing BTC. He posted that earlier. All you have to do is search nuke forums to see that, but I do not know how true it is. Anyone else heard anything from him?

People on here create new accounts just to vote their shit posts and comments to the top, so any new info can be suppressed. Lets not let that happen.

Until I see major vendors on here talking about the situation I am calling BS about any kind of exit scam. I am also not using the market either, so take that for what its worth.

I think something serious did happen with NUC, but I do not think it was something the admins intentionally did.


[-1 Points] badluckjustintime000:

One look on the Nucleus forums shows this is not FUD. The amount of coordination necessary would be absurd. Many large EU vendors have been shut out of their accounts. Most of these vendors shun reddit like the plague for opsec reasons or to simply to avoid the massive drama that goes down here regularly.

I placed a large order with DutchSpace yesterday, using Nucleus because the vendor was not on Agora (ironically they are moving there now). Glanced over the first topic on reddit about downtime, discounted it as hysteria, went to bed. Read the news in the morning, logged in to cancel my order. Buttons on the site do not load properly. Somebody confirmed my order which is now listed as finished. Nucleus forums are full of threads from vendors who cannot log in. Support seems to be clueless, appears more like a hack than an exit scam.

I don't get how this issue with mounting evidence from reputable vendors is still dismissed. I guess it is because of the culture of constant drama that is this forum. Often enough people who are coked out of their mind and barely literate generate massive hysteria on here because their packs are not arriving next day from Europe to US. Too many people on here go for the drama instantly instead of thinking twice about what info is reasonable and which isn't.

Honestly, I blame the Americans on here (cheap shot, I know). But the climate on the Euopean darknet forums is somewhat more relaxed.


[-1 Points] Lucid_Enemy:

What server overhaul takes 5-7 days.... seriously what's he installing windows 95 on his box... wouldn't put it past me nucleus had A LOT of security holes.... unfortunately I don't belong to h4c or the -sans but I'm sure there behind some of it


[-1 Points] KingRex-X:

Hey I made an order 2-3 before nucleus went down and the vendor accepted the order. Its been at least 6 days since it was accepted. Any ideas on whats going on


[-1 Points] Williewonkka:

Is this shit coming back than or not?! Can we have a simple yes or no answer


[-2 Points] dregofdeath:

damnit nucleus is the only market ive ever ordered from, sucks.


[-4 Points] darknetpotter:

Would I be stupid to order from Nucleus? In a country wanting a product for which there are few other vendors (the only one on Agora has ridiculous prices) so Nucleus is my only real option.


[-7 Points] None:

So much FUD.