If the Clarity Act doesn't pass this Congress, American software developers will be targeted again for prosecution in the near future just for publishing code. These are the stakes.
Someone burned 107 $BTC ($8.3M) after being inactive for 11 years!
Yesterday, 5 wallets sent 107 $BTC ($8.3M) to a burn address. Most of these wallets had been dormant for 11 years.
Burning such a huge amount of money like this is just unbelievable.
https://t.co/JnHQxzyc5v
PSA: I now consider *all* of DeFi unsafe.
Coding agents are superhuman at finding vulnerabilities, and smart contract security is too asymmetric: defenders need to fix every bug while attackers need just one exploit to steal funds.
imagine being a commodities desk trader watching 9 fig gold shorts hit the tape and scrambling to figure out if a central bank is dumping reserves
only to realize that X user Mk4_lul fat-fingered a trade on hyperliquid
This was the ONLY hack in crypto history where ANYONE could steal $190 MILLION by just copying one transaction on Etherscan
In August 2022 a man named Alexander Gurevich sat down at his computer and turned $2,300 into $2.3 million in a single Ethereum transaction
300 strangers watched it happen on Etherscan and copied him line by line
By the time anyone could stop it $190 million was gone, only $36 million ever came back and the FBI spent three years hunting the man who started it
His target was a cross chain bridge called Nomad
If you held Ethereum and wanted to use it on a different blockchain like Moonbeam or Avalanche, you sent your tokens to Nomad
Your tokens then got locked in a smart contract on Ethereum and Nomad minted matching wrapped versions for you on the other chain
To get your originals back, you burned the wrapped versions and Nomad released the locked tokens from the contract
Over $190 million in user deposits were in that contract across five chains
Everything depended on one rule
Nomad would only release your tokens if it could verify the burn message was authentic
Each withdrawal request got checked against a value called the "trusted root"
A request that matched the trusted root was approved
Anything else got rejected
On June 21, 2022, Nomad pushed a routine code update and set that trusted root value to zero
Usually setting it to zero on initialization is normal practice in software
In this case it was catastrophic
Zero now counted as a valid root, which meant every fake withdrawal request also counted as valid
Any wallet could request any amount and Nomad would approve it without checking if the person had ever deposited anything
Nobody touched the code for six weeks while $190 million in user funds waited behind a broken lock to get extracted
On August 1, 2022, Gurevich found exactly this exploit
He sent 0.01 wrapped Bitcoin to the bridge and walked away with 100 wrapped Bitcoin worth $2.3 million
A 10,000x return on a single click
His transaction was visible on Etherscan within seconds and it spread through Twitter and Discord instantly
People started copying his transaction directly from the block explorer, replacing only the destination wallet address with their own, then clicking submit
That was the entire attack
No code, no flash loan, no exploit script, just a guy who edited one field and watched Nomad approve it
A security researcher named samczsun later called it "a frenzied free for all"
Over the next four hours more than 300 different wallets executed the same drain
41 of them pulled out $152 million between them, roughly 80% of the total stolen funds
Some were white hat hackers trying to secure what they could to return later but most just kept it
By the time Nomad paused the contract the bridge was already empty
Mandiant later called the event "Decentralized Robbery" in their official threat report because nothing about this was like a normal hack and hundreds of strangers walked away with millions from the same bridge
Three years later, in May 2025, Israeli police arrested Gurevich at Ben Gurion Airport
Trying to board a flight to Russia under a fake passport, two days after legally changing his name to "Alexander Block"
The FBI had been hunting him since 2023, when his own Telegram message to Nomad's CTO became evidence
He confessed to the exploit, apologized, asked for a $500,000 bounty, then went silent when Nomad offered only 10% and now faces up to 20 years in US federal prison on eight counts including wire fraud, money laundering, and transportation of stolen property
The other 299 wallets are still tagged on Etherscan today
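Added example, not part of the thread above and not Nomad's code: a toy Python model of the trusted-root check the thread describes, showing why registering zero as a trusted root approves messages that were never proven, next to a hardened form that rejects them. The class and function names, the stubbed proof step and the sample messages are assumptions made for illustration; the model assumes an unproven message reads back the all-zero default root.

```python
import hashlib

ZERO_ROOT = b"\x00" * 32  # what an unset 32-byte storage slot reads back as

class Replica:
    """Toy model of the bridge's acceptance check; all names are hypothetical."""

    def __init__(self, trusted_root, hardened):
        if hardened and trusted_root == ZERO_ROOT:
            raise ValueError("zero must never be registered as a trusted root")
        self.hardened = hardened
        self.trusted = {trusted_root}
        self.proven_root = {}   # message hash -> root it was proven against
        self.processed = set()  # replay protection, keyed by message hash

    def prove(self, msg_hash, root):
        # Stand-in for Merkle proof verification (assumption): the caller passes
        # the root that a valid proof for this message would produce.
        self.proven_root[msg_hash] = root

    def process(self, msg_hash):
        # A message that was never proven reads back the default, ZERO_ROOT.
        root = self.proven_root.get(msg_hash, ZERO_ROOT)
        if self.hardened and root == ZERO_ROOT:
            return False  # explicit "not proven" check, independent of config
        if root not in self.trusted or msg_hash in self.processed:
            return False
        self.processed.add(msg_hash)
        return True

def run_demo():
    forged = hashlib.sha256(b"constructed: release 100 WBTC to 0xAAAA").digest()
    copied = hashlib.sha256(b"constructed: release 100 WBTC to 0xBBBB").digest()
    honest = hashlib.sha256(b"constructed: release 0.01 WBTC to 0xCCCC").digest()
    real_root = hashlib.sha256(b"constructed: committed root").digest()
    broken = Replica(ZERO_ROOT, hardened=False)  # the bad initialization
    try:
        Replica(ZERO_ROOT, hardened=True)
        init_refused = False
    except ValueError:
        init_refused = True
    fixed = Replica(real_root, hardened=True)
    fixed.prove(honest, real_root)
    return {
        "broken_accepts_forged": broken.process(forged),
        "broken_accepts_copy": broken.process(copied),  # new recipient, new hash
        "hardened_init_refused": init_refused,
        "fixed_rejects_forged": fixed.process(forged),
        "fixed_accepts_proven": fixed.process(honest),
    }
```

Replay protection keyed on the message hash does not help in the broken configuration, because changing the recipient yields a different hash; the hardened form fails closed on the "never proven" default regardless of which roots are trusted.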