Nomad Hack suspect, Russian-born Gurevich, arrested in Israel, faces US extradition
Israeli authorities have arrested Alexander Gurevich, a suspect in the Nomad hack that resulted in the theft of $190 million in crypto assets from the cross-chain protocol, leading to its eventual collapse.
According to reports, Alexander Gurevich was arrested at Ben Gurion Airport in Tel Aviv. He holds dual Russian and Israeli citizenship. However, he was attempting to travel to Russia using a visa under a different name at the time of his arrest.
The attacker behind the $186M Nomad Bridge hack has been identified as Alexander Gurevich, aka "Block".
He fits the profile of a crypto-native threat actor: skilled in smart contract exploitation but ultimately undone by poor opsec.https://t.co/7U6plnewRh
— Peter Kacherginsky (@_iphelix) May 4, 2025
The Israeli government is now making plans for Gurevich to be sent back to the US. In the US, he is wanted for money laundering and computer crime. The US prosecutors said Gurevich was the first person to take advantage of the weakness in Nomad’s smart contracts. The assets stolen were mostly in USDC stablecoin and wrapped versions of Bitcoin and Ethereum.
The charges against Gurevich in the US versus Israel
The charges against him in the US are much worse than the charges against him in Israel. He could get up to 10 years in jail and a $250,000 fine for each of the five counts. For all four of these computer crimes in Israel, the harshest punishment is only three years in prison.
In the US, the highest sentence for money laundering is 20 years, which is twice as long as the maximum sentence in Israel.
If Gurevich is extradited to the US and found guilty, he will not be able to serve his term in Israel because he was not living there at the time of the crimes.
The case is being handled by Avi Kronenberg, a lawyer in the International Department of the State Attorney’s Office. Operational Coordination Department of the Israel Police’s National Fraud Unit and the Tel Aviv Fraud Division in charge of the arrests.
Gurevich-Block was told to stay in jail by Judge Einat Avman-Moller, and a hearing was set for Sunday.
Ethical crypto hackers are not so ethical
The accusation came from Gurevich telling the Nomad team about it in a string of Telegram texts. He reportedly even asked for a $500,000 reward for finding the weakness in Nomad’s smart contracts that let an attacker use fake transactions to take money out of the protocol.
Crypto hackers often ask the protocol they broke into for a portion of their stolen goods as a reward. Most of the time, the deal includes giving back the rest of the stolen money in exchange for not going after the attacker with the police.
Except for a few famous cases, most hackers haven’t paid attention to these kinds of deals. In May of last year, a hacker stole $72 million from a Bitcoin whale and agreed to return all but 10% of the money.
In August 2022, US officials said Gurevich stole $2.89 million in crypto from Nomad. However, they lost $190 million. This means that there are more people involved. Apparently, a bunch of people tried to use the same attack as soon as it was found. This turned one hacker’s breach into a DeFi free-for-all.
Coinbase reported an attack that showed 88 unique wallet addresses that were later identified as copycats. These wallet addresses took $88 million from the bridge. The participants who took part in the free-for-all hack did things differently than Gurevich, but they all used the same loophole to get money from Nomad.
In the end, some of the people who took part were whitehats, or “ethical hackers,” who work to stop bad players or “blackhats.” Luckily, the funds that these “white hats” took out of Nomad during the attack were returned.
Your crypto news deserves attention - KEY Difference Wire puts you on 250+ top sites
Nomad Hack suspect, Russian-born Gurevich, arrested in Israel, faces US extradition
Israeli authorities have arrested Alexander Gurevich, a suspect in the Nomad hack that resulted in the theft of $190 million in crypto assets from the cross-chain protocol, leading to its eventual collapse.
According to reports, Alexander Gurevich was arrested at Ben Gurion Airport in Tel Aviv. He holds dual Russian and Israeli citizenship. However, he was attempting to travel to Russia using a visa under a different name at the time of his arrest.
The attacker behind the $186M Nomad Bridge hack has been identified as Alexander Gurevich, aka "Block".
He fits the profile of a crypto-native threat actor: skilled in smart contract exploitation but ultimately undone by poor opsec.https://t.co/7U6plnewRh
— Peter Kacherginsky (@_iphelix) May 4, 2025
The Israeli government is now making plans for Gurevich to be sent back to the US. In the US, he is wanted for money laundering and computer crime. The US prosecutors said Gurevich was the first person to take advantage of the weakness in Nomad’s smart contracts. The assets stolen were mostly in USDC stablecoin and wrapped versions of Bitcoin and Ethereum.
The charges against Gurevich in the US versus Israel
The charges against him in the US are much worse than the charges against him in Israel. He could get up to 10 years in jail and a $250,000 fine for each of the five counts. For all four of these computer crimes in Israel, the harshest punishment is only three years in prison.
In the US, the highest sentence for money laundering is 20 years, which is twice as long as the maximum sentence in Israel.
If Gurevich is extradited to the US and found guilty, he will not be able to serve his term in Israel because he was not living there at the time of the crimes.
The case is being handled by Avi Kronenberg, a lawyer in the International Department of the State Attorney’s Office. Operational Coordination Department of the Israel Police’s National Fraud Unit and the Tel Aviv Fraud Division in charge of the arrests.
Gurevich-Block was told to stay in jail by Judge Einat Avman-Moller, and a hearing was set for Sunday.
Ethical crypto hackers are not so ethical
The accusation came from Gurevich telling the Nomad team about it in a string of Telegram texts. He reportedly even asked for a $500,000 reward for finding the weakness in Nomad’s smart contracts that let an attacker use fake transactions to take money out of the protocol.
Crypto hackers often ask the protocol they broke into for a portion of their stolen goods as a reward. Most of the time, the deal includes giving back the rest of the stolen money in exchange for not going after the attacker with the police.
Except for a few famous cases, most hackers haven’t paid attention to these kinds of deals. In May of last year, a hacker stole $72 million from a Bitcoin whale and agreed to return all but 10% of the money.
In August 2022, US officials said Gurevich stole $2.89 million in crypto from Nomad. However, they lost $190 million. This means that there are more people involved. Apparently, a bunch of people tried to use the same attack as soon as it was found. This turned one hacker’s breach into a DeFi free-for-all.
Coinbase reported an attack that showed 88 unique wallet addresses that were later identified as copycats. These wallet addresses took $88 million from the bridge. The participants who took part in the free-for-all hack did things differently than Gurevich, but they all used the same loophole to get money from Nomad.
In the end, some of the people who took part were whitehats, or “ethical hackers,” who work to stop bad players or “blackhats.” Luckily, the funds that these “white hats” took out of Nomad during the attack were returned.
Your crypto news deserves attention - KEY Difference Wire puts you on 250+ top sites