Nomad Bridge Hacker Apprehended in Connection with $190 Million Heist

Alexander Gurevich, a 47-year-old dual Russian-Israeli citizen, was arrested last Thursday at Ben-Gurion Airport while attempting to flee to Russia under a new identity.

Gurevich is the primary suspect in the 2022 Nomad Bridge hack that resulted in approximately $190 million in stolen cryptocurrency, marking one of the largest blockchain security breaches that year.

Israeli authorities detained him following a US extradition request related to computer crimes, money laundering, and transferring stolen property.

- Advertisement -

Authorities revealed that Gurevich, who immigrated to Israel approximately three and a half years ago but spent most of his time abroad, had taken significant steps to evade capture.

On April 29, 2025, he officially changed his surname in Israel’s Population Registry to “Block” and obtained a passport under that name the following day.

His arrest occurred on May 1, just as he was preparing to board a flight to Russia.

The timing proved critical as Israeli Justice Minister Yariv Levin had recently signed an order requiring Gurevich to appear before the Jerusalem District Court for an extradition hearing.

Judge Einat Avman-Moller ordered him to remain in custody, with a subsequent hearing scheduled for Sunday.

The arrest operation was coordinated by the Operational Coordination Department of the Israel Police’s National Fraud Unit in conjunction with the Tel Aviv Fraud Division.

The Nomad Bridge Hack of 2022

The Nomad Bridge hack occurred on August 1, 2022, resulting in approximately $186 million in stolen digital assets.

Prosecutors allege that Gurevich identified and exploited a vulnerability in Nomad’s cross-chain bridge protocol, personally withdrawing roughly $2.89 million in tokens.

Within hours of his initial breach, other attackers discovered the same vulnerability and drained the remaining assets from the platform.

According to the extradition request, Gurevich contacted Nomad’s Chief Technology Officer James Prestwich via Telegram three days after the attack.

Using a fake identity, he admitted to “amateurishly” probing for weaknesses and apologized for the trouble caused.

During these communications, he disclosed that he had returned approximately $162,000 to a recovery wallet established by the company, while simultaneously demanding a $500,000 reward for identifying the vulnerability.

When Nomad countered with an offer of 10% of the stolen assets’ value, Gurevich ceased all contact, prompting an FBI investigation from their San Francisco field office.

International Legal Proceedings

On August 16, 2023, US federal authorities filed an eight-count indictment against Gurevich in the Northern District of California, followed by an arrest warrant.

The formal extradition request was submitted to Israel in December 2024.

The charges Gurevich faces carry substantially heavier penalties in the United States than they would under Israeli law.

Five of the counts each carry maximum sentences of 10 years imprisonment and $250,000 fines in the US, compared to just three years per offense in Israel.

Additionally, the US money laundering charge carries a maximum 20-year sentence, double the potential penalty in Israel.

If extradited and convicted, Gurevich will not be eligible to serve his sentence in Israel since he was not an Israeli resident when the alleged crimes occurred.

The case is being handled by attorney Avi Kronenberg of the State Attorney’s Office International Department, while Gurevich is currently represented by the Public Defender’s Office.

The Nomad hack was one of several high-profile cyberattacks on cryptocurrency platforms in 2022, with total industry losses that year exceeding $1 billion.

Setting Up SOC Team? – Download Free Ultimate SIEM Pricing Guide (PDF) For Your SOC Team -> Free Download