Gurevich, a dual Russian-Israeli citizen, is accused of being the first person to exploit a critical vulnerability in Nomad’s smart contract system. U.S. prosecutors have charged him with money laundering and computer-related crimes. Extradition proceedings are currently underway to transfer him to the United States to face trial.
The vulnerability in Nomad allowed attackers to spoof transactions and withdraw funds without proper validation. Most of the stolen funds were in USDC stablecoin and wrapped Bitcoin and Ethereum. According to blockchain security expert Peter Kacherginsky, Gurevich demonstrated strong technical skills but lacked proper operational security, leading to his capture.
Reports state that Gurevich admitted his involvement in messages sent to the Nomad team via Telegram. He allegedly requested a $500,000 bounty for identifying the flaw, a common tactic among hackers seeking to legitimize their actions and avoid prosecution by returning the stolen assets.
However, Gurevich is accused of stealing $2.89 million from the platform. The remaining losses, totaling over $187 million, were caused by numerous copycat attackers who exploited the same flaw after the breach became public.
Blockchain researcher Samczsun described the exploit as extremely easy to copy. “All you had to do was find a transaction that worked, change the address to yours, and re-broadcast it,” he said. According to Coinbase, 88 unique wallet addresses were linked to copycat hackers who collectively drained $88 million.
Some individuals involved in the exploit acted as whitehat hackers and later returned the stolen funds.
The Nomad attack is one of the largest decentralized finance (DeFi) hacks to date, highlighting the risks in smart contract security and the challenges of tracking decentralized attackers.
Investigations into other participants in the attack are ongoing.
Tags:
Cybercrime in World
