In a recent revelation, blockchain investigator ZachXBT has uncovered a shocking case of crypto theft involving $40 million siphoned from U.S. government wallets. The alleged perpetrator is reportedly the son of a prominent executive at a company contracted by the U.S. Marshals Service to manage seized digital assets.
Unmasking the Crypto Thief
ZachXBT’s investigation points to an individual known as “Lick,” whose real name is John Daghita. Daghita is the son of Dean Daghita, CEO of CMDSS, a firm tasked with managing seized cryptocurrencies. The investigation links John Daghita to the illicit transfer of millions in cryptocurrency from government-controlled wallets.
According to company records, Dean Daghita leads Command Services & Support (CMDSS), a firm based in Haymarket, Virginia. CMDSS was awarded a contract in October 2024 to handle “Class 2-4” cryptocurrencies, including those not supported by major exchanges.
Tracing the Stolen Funds
The investigation gained traction following a recorded dispute in a Telegram group chat, where “Lick” engaged in a “band-for-band” argument to prove crypto ownership. During this exchange, he revealed a Tron address with $2.3 million and transferred another $6.7 million in ether.
ZachXBT traced these transactions back to a government address linked to assets seized from the infamous 2016 Bitfinex hack. This address had transferred $24.9 million to another wallet, which was involved in the theft.
Scrutiny on CMDSS
CMDSS has faced previous scrutiny regarding its government contract. Wave Digital Assets, a competitor, had protested CMDSS’s contract award, citing licensing issues and potential conflicts of interest. Despite this, the Government Accountability Office upheld the contract.
Challenges in managing seized crypto persist, as highlighted by a February 2025 CoinDesk report. The U.S. Marshals Service reportedly struggles with inventory controls, relying on spreadsheets to manage their holdings.
The ongoing investigation by ZachXBT continues to unravel the intricate details of this crypto theft case, shedding light on vulnerabilities within government systems handling digital assets.
