A panel of OSINT researchers discussed attribution challenges related to Nexus Market at a cybersecurity conference in March 2025. The discussion highlighted the difficulty of distinguishing between the actual marketplace operators and the numerous impersonators and scam operations that use the Nexus name.
Researchers noted that the proliferation of fake Nexus Market sites complicates threat intelligence efforts, as indicators of compromise may relate to phishing operations rather than the marketplace itself.
The panel recommended standardized reporting frameworks to help distinguish between different threat actors operating under the same brand name.