Federal Custody Breach: $90M Linked to US Seized Assets Drained by Contractor Insider
A ‘band for band’ wealth dispute exposes a government contractor’s son allegedly draining $90M from US Marshals’ seized crypto wallets.
The $23 Million Ego Trip That Exposed a Federal Security Failure
A high-stakes digital flexing contest has inadvertently revealed one of the most embarrassing security lapses in US government crypto custody history. Blockchain investigator ZachXBT has exposed a wallet network allegedly controlled by John “Lick” Daghita, the son of the CEO of CMDSS, a firm contracted by the US Marshals Service to manage seized digital assets, containing over $90 million in illicit funds.
The breach, which includes $24.9 million directly traced to the government’s infamous Bitfinex hack seizure, came to light not through sophisticated forensics, but a recorded “band for band” dispute. In an attempt to prove his wealth against a rival threat actor, Daghita screen-shared an Exodus wallet, effectively doxxing his control over federal evidence.
The Mechanics of the Leak
The exposure occurred during a heated group chat argument with another individual, Dritan Kapplani Jr. To settle a dispute over who held more liquid assets, Daghita broadcasted his screen, consolidating approximately $23 million in real-time.
ZachXBT analyzed the footage, linking the visible wallet (0xd8bc) to a series of transfers that painted a damning picture of internal theft:
- The Smoking Gun: Wallet 0xc7a2 received $24.9 million in March 2024 directly from a US government address holding seized Bitfinex assets.
- The Flow: Funds were washed through intermediate wallets before landing in addresses Daghita claimed as his own during the dispute.
- The Scale: Beyond the Bitfinex funds, the network is linked to over $90 million in total suspicious inflows, including a $63 million tranche received in late 2025.
The footage demonstrates John’s control over multiple addresses… tracing backwards verified the source as the US government’s Bitfinex seizure wallet.
Institutional Fallout: CMDSS Goes Dark
The implications for the Department of Justice are severe. CMDSS (Communications & Management Data Systems Solutions) held a valid contract to assist the US Marshals Service with asset disposal. Following ZachXBT’s publication of the data, CMDSS immediately deactivated its website, LinkedIn, and X accounts.
This incident shatters the assumption of “cold storage” for government-seized assets. While the market fixates on Bitcoin’s slide below $88,000 (-1.4%), the real liquidity crisis is the confidence in federal custody protocols. If a contractor’s relative can access private keys to state-held evidence for a discord argument, the security framework for billions in seized assets is effectively nonexistent.
No official charges have been filed by the DOJ at press time.
