Security researchers discovered a credential harvesting operation that used convincing replicas of Nexus Market to steal user login information. The stolen credentials were subsequently offered for sale on competing darknet forums.
This type of attack underscores the risks of phishing in the darknet ecosystem, where users have limited recourse and verification mechanisms are inherently weak.