Imagine discovering that the son of a top executive overseeing the U.S. government’s crypto assets is accused of stealing a staggering $40 million. It sounds like the plot of a high-stakes thriller, but this is reality. Over the weekend, ZachXBT, a renowned blockchain investigator hailed by The New York Times as one of the best digital detectives, dropped a bombshell. He claimed that John Daghita, the son of Dean Daghita—CEO of Command Services & Support (CMDSS), a firm contracted to manage the government’s crypto holdings—is linked to the theft of funds tied to the 2016 Bitfinex hack. The U.S. Marshals Service has since confirmed they’re investigating the matter, but here’s where it gets even more intriguing: most of the stolen funds were reportedly returned within 24 hours, leaving everyone wondering why and how.
But how did this alleged heist unfold? According to ZachXBT, John Daghita, also known by his alias 'Lick,' was seen boasting about controlling large crypto wallets in a Telegram group chat. During a heated argument with another member, he allegedly revealed access to a wallet connected to the stolen government funds. And this is the part most people miss: the connection was made public after ZachXBT’s detailed reports on X (formerly Twitter), which prompted someone to send him $1,900 worth of ether tied to the theft. ZachXBT has pledged to return any recovered funds to the government, but the incident raises serious questions about security and accountability.
This isn’t the first time the U.S. Marshals Service has faced scrutiny over its handling of digital assets. Previous reports from CoinDesk and The Rage highlighted the agency’s inability to provide transparent accounting of its crypto holdings. Is this a systemic issue, or just a one-off scandal? CMDSS has since deactivated its LinkedIn and X accounts, and neither the company nor the U.S. Marshals Service has provided further comment. Meanwhile, Patrick Witt, Executive Director of the President’s Council of Advisors for Digital Assets, has stated he’s looking into the matter.
To put this in perspective, the U.S. government has a long history of seizing and profiting from crypto assets linked to criminal cases. For instance, tech investor Tim Draper once purchased nearly 30,000 bitcoin seized from the Silk Road darknet market—a stash now worth roughly $2.5 billion. However, under President Trump’s executive order, seized bitcoin is now added to a strategic reserve rather than sold. Arkham Intelligence estimates the government’s bitcoin holdings at nearly $30 billion, but with thefts like this, how secure is that reserve really?
Crypto thefts remain alarmingly common. Last year, a $120 million exploit in a DeFi application shook the industry, questioning the trustworthiness of platforms where transactions are irreversible. Meanwhile, 2025 saw a surge in physical crypto thefts, with criminals resorting to ‘$5 wrench attacks’—often using personal data leaked from hardware wallet manufacturers or even tax authorities. Illicit crypto activity hit a record $154 billion in 2025, though much of it involved stablecoins, which can be frozen by issuers. For example, Tether recently froze $182 million in USDT linked to Venezuela’s Maduro regime. But does this centralization defeat the purpose of decentralized cryptocurrencies?
As we grapple with these questions, one thing is clear: the line between innovation and vulnerability in the crypto world is razor-thin. What do you think? Is this alleged theft a wake-up call for better oversight, or just another growing pain in the crypto ecosystem? Let’s discuss in the comments.
