Israel Nabs Suspect Sought by US Over $190M Nomad Bridge Exploit: Report

Alexander Gurevich, accused of initiating the Nomad bridge exploit, was arrested at Israel’s airport just days after changing his name.

3 Total views

Last Thursday, a man identified by authorities as Alexander Gurevich, a fugitive accused of triggering a $190 million collapse of cross-chain bridge Nomad, was detained at Israel’s Ben-Gurion Airport, moments before departing for Moscow.

Gurevich is accused of being the first to exploit a fatal vulnerability in Nomad’s smart contract, siphoning off $2.89 million worth of tokens and, in the process, triggering a digital stampede.

The arrest came just days after Gurevich, who holds both Israeli and Russian citizenship, legally changed his name to “Alexander Block” and received a new passport under that identity, according to a report in The Jerusalem Post.

But Israeli officials, acting on a U.S. extradition request, intercepted him at the gate. The U.S. had already charged him in connection with a 2022 exploit that drained Nomad of nearly all its assets.

What happened in the Nomad exploit?

In August 2022, attackers emptied Nomad’s reserves after discovering that its bridge allowed users to copy and modify a single transaction to claim funds without verification.

Gurevich’s transaction, broadcast to the blockchain, acted like a signal flare, and within minutes, hundreds of onlookers began copying the exploit by altering token amounts and recipient addresses.

A postmortem analysis by Coinbase’s blockchain intelligence team concluded that 90 of the addresses involved in the hack were “copycats,” mimicking the original method with minimal variation.

Altogether, they pulled around $88 million. By the time Nomad froze its systems, only $651 remained in its smart contract wallet. Several of the early wallets in the exploit were reportedly funded through coin mixer Tornado Cash.

Three days later, Gurevich allegedly messaged Nomad’s CTO, James Prestwich, using a fake identity.

He apologized for “amateurishly probing” the protocol, returned about $162,000 in tokens, and demanded a $500,000 reward. When Nomad countered with an offer of 10, the conversation ended.

Per the Post‘s reporting, the U.S. filed an indictment a year later in the Northern District of California, charging Gurevich with eight federal crimes, including money laundering, wire fraud, and computer intrusion.

Because Gurevich was not living in Israel at the time the alleged crimes occurred, he would not have to serve any resulting U.S. sentence in Israel.

For Nomad, which relaunched its bridge in late 2022, the exploit left scars that haven’t fully healed.

Though the company offered a 10 bounty to anyone returning stolen tokens and recovered around $37 million, most of the funds vanished across hundreds of addresses, some tied to known laundering tools.

Your Email

#Law and Order