The U.S. Marshals Service is investigating allegations that more than $40 million in government-seized cryptocurrency was stolen — and a well-known blockchain sleuth has pointed the finger at the son of a federal contractor. Blockchain investigator ZachXBT has accused John “Lick” Daghita of moving large sums of confiscated crypto from wallets managed by his father’s company, CMDSS — a firm that lists services for the Department of Justice and Department of Defense. ZachXBT told CoinDesk he reported John to authorities but said it’s still unclear how the alleged access to the wallets was obtained, or whether it was enabled through John’s father, Dean Daghita, CMDSS’s president. The case drew public attention after ZachXBT posted on X that a wallet he tied to the suspect had been “flexing” roughly $23 million and was directly linked to more than $90 million in suspected thefts from U.S. government seizure addresses in 2024 and other victims between November and December 2025. He later identified a separate address holding 12,540 ETH — about $36.3 million — which he says was controlled by John Daghita. ZachXBT also says Daghita sent him 0.6767 ETH, which ZachXBT intended to forward to a U.S. government seizure address. The U.S. Marshals Service declined to comment beyond confirming that an investigation is underway. Brady McCarron, chief of public affairs for the USMS, told CoinDesk the agency could not provide additional details because of active investigative work. CoinDesk reached out to the Department of Defense, CMDSS and ZachXBT; none immediately responded with further comment. ZachXBT’s evidence includes a recorded Telegram exchange between Daghita and another individual engaged in a “band for band” show-off — a back-and-forth attempt to prove control of large crypto balances. In the footage, ZachXBT says Daghita screen-shares an Exodus wallet showing about $2.3 million, and subsequently moves roughly $6.7 million in ETH into another address. ZachXBT says his tracing tied at least $23 million in those wallets to seized government crypto from 2024 and 2025. The allegation raises questions about custody and controls at private firms contracted to handle law-enforcement seizures. CMDSS has been reported to hold an active federal IT contract, including work to assist the U.S. Marshals in managing and disposing of seized and forfeited cryptocurrency. In February 2025, sources told CoinDesk the USMS itself appeared unsure of the total amount of crypto it held, highlighting broader transparency and accounting challenges in government custody of digital assets. All parties should be considered under allegation until proven otherwise; the USMS investigation is ongoing. This story is developing and additional details may emerge as investigators and the firms involved respond. Read more AI-generated news on: undefined/news

#ETH