Alleged $90 Million Crypto Theft Linked to US Government Seized Assets

Global: Alleged $90 Million Crypto Theft Linked to US Government Seized Assets

Key Findings

A blockchain analyst has linked a $90 million theft of cryptocurrency seized by U.S. authorities to a wallet associated with an individual known online as “Lick,” according to publicly posted tweet threads. The analyst, who operates under the handle zachxbt, made the connection in early 2025.

Seized Government Wallets

The assets in question were held in wallets managed under a contract with the U.S. Marshals Service, valued at approximately $90 million, including a $20 million portion highlighted in October 2024. These wallets contain crypto that was confiscated in prior law‑enforcement actions.

Analyst’s Methodology

During a screen‑sharing session in which two self‑described crypto thieves compared holdings, the analyst observed the wallet address displayed by the individual known as “Lick.” Zachxbt subsequently traced the address to transactions involving the stolen government funds.

Connection to Command Services & Support

The wallet was reportedly tied to John Daghita, identified by the analyst as the son of Dean Daghita, the owner of Command Services & Support (CMDSS). CMDSS secured a contract with the U.S. Marshals in October 2024 to manage seized crypto assets, a contract that remains active.

Online Presence Removal

Following the public disclosure, CMDSS’s website and related online profiles were removed, and a Telegram account linked to the individual was scrubbed, according to the analyst’s observations.

Retaliatory Transfer

Shortly after the allegations surfaced, the individual transferred 0.6767 ETH—approximately $1,900—to the analyst’s public wallet. The analyst described the transaction as a possible attempt to provoke or retaliate.

Company Profile

CMDSS advertises itself as a “proven provider of mission‑critical services to the Department of Defense and Department of Justice.” The company has not issued a public comment regarding the allegations.

Implications for Oversight

The incident highlights ongoing challenges in monitoring illicit movements of seized cryptocurrency and raises questions about the oversight mechanisms governing private contractors that handle government‑owned digital assets.

This report is based on information from Web3 Is Going Great, licensed under Creative Commons Attribution 3.0 (CC BY 3.0). Analysis provided by Web3 Is Going Great.