U.S. authorities are investigating allegations that more than $40 million in cryptocurrency seized by law enforcement was stolen by the son of a federal contractor.
The U.S. Marshals Service (USMS) confirmed it is reviewing claims involving Command Services & Support (CMDSS), a Virginia-based technology firm that manages certain seized digital assets.
According to blockchain investigator ZachXBT, John “Lick” Daghita, the son of CMDSS’s president, accessed government-linked crypto wallets without authorization and diverted funds for personal use. ZachXBT linked several wallets to assets controlled by the USMS and reported the alleged theft to authorities.
The claims surfaced after a private Telegram chat was shared online. ZachXBT said John Daghita demonstrated the ability to move millions of dollars from wallets connected to government seizures. One wallet reportedly held 12,540 ETH, worth about $36 million. Some of the stolen funds were returned, but roughly $700,000 remains unaccounted for.
CMDSS has a federal contract to handle seized crypto, including assets from major cases like the 2016 Bitfinex hack. It is unclear how John Daghita gained access to the wallets or whether his father or the company’s systems played a role.
The case highlights concerns about how the U.S. government secures its growing stockpile of cryptocurrency, which includes hundreds of thousands of Bitcoin valued at tens of billions of dollars.
The investigation is ongoing, and the USMS has not provided further comment.
