John Daghita linked to $40M U.S. seized crypto breach; son of Marshals contractor, access method remains unclear.
Investigators identified John Daghita, also known as ‘Lick,’ in a reported breach of U.S. government seized crypto funds.
Investigators and on chain analysts say more than $40 million moved from wallets tied to federal seizure addresses, while access methods remain unclear.
Allegations Linked to Government Seizure Wallets
Blockchain investigator ZachXBT publicly identified John Daghita as the individual behind the alias “Lick.”
The activity targeted wallets holding crypto seized by U.S. authorities. These wallets reportedly contained assets from past law enforcement actions.
On-chain records showed funds moving from addresses linked to government-controlled wallets.
The transfers involved non-bitcoin assets, including several altcoins. The total value exceeded $40 million at the time of movement.
In case you are curious how John Daghita (Lick) was able to steal $40M+ from US government seizure addresses.
John’s dad owns CMDSS, which currently has an active IT government contract in Virginia.
CMMDS was awarded a contract to assist the USMS in managing/disposing of… https://t.co/lzR2a1aidA pic.twitter.com/PV0IkSuhVy
— ZachXBT (@zachxbt) January 25, 2026
Authorities have not announced any criminal charges, and they have not made any arrests.
Law enforcement agencies have not confirmed the identity publicly. The claims remain allegations based on blockchain analysis and public reporting.
CMDSS Contract With U.S. Marshals Service Draws Attention
John Daghita is the son of Dean Daghita, president of CMDSS, a Virginia-based IT firm.
CMDSS was awarded a U.S. Marshals Service contract in October 2024. The contract focused on managing and disposing of seized non bitcoin crypto assets.
The contract covered technical support for handling altcoins and similar digital assets.
These assets often require active wallet management and secure transfer processes. CMDSS became involved as the government expanded crypto seizure operations.
After the claims surfaced, CMDSS briefly deactivated its website and social media accounts.
The platforms later returned, but no public explanation followed. CMDSS has not issued a formal statement on the matter.
Related Reading: $48M Gone: South Korea’s Seized Bitcoin Vanishes in Phishing Attack
Unclear Access Path and Ongoing Silence
It remains unclear how John Daghita may have gained access to seized crypto systems. No evidence has been released showing direct access through CMDSS.
Authorities have not confirmed whether insider access played any role.
The U.S. Marshals Service has not commented on the reported wallet movements. There has been no confirmation of internal reviews or audits.
The lack of public response has left key questions unanswered.
The incident has drawn attention to how seized crypto is managed and stored. Federal agencies now control billions in digital assets.
Oversight and access controls remain under public scrutiny as the situation develops.
Source: https://www.livebitcoinnews.com/40m-seized-crypto-breach-how-a-u-s-contractors-son-was-involved/