January 27, 2026
Flex. Screenshare. Facepalm.
Thief of $90M in seized U.S.-controlled crypto is gov't contractor's son
Crypto flex outs $90M heist; sleuth names contractor's son as commenters roast ego, feds
TLDR: A boastful screenshare allegedly exposed a $90M crypto theft and led a sleuth to name a contractor’s son, sparking outrage and memes. Commenters slam government oversight and laugh at the ego trip, arguing whether this is detective work triumph or a sign of systemic incompetence.
The internet is gobsmacked by a crypto flex gone nuclear. Two alleged thieves got into a “who’s richer” spat, screenshared to prove it, and one—known as “Lick”—flashed a wallet address that blockchain sleuth zachxbt tied to roughly $90 million missing from U.S.-controlled wallets that hold seized crypto. Zachxbt alleges “Lick” is John Daghita, reportedly the son of a contractor whose company, CMDSS, landed a U.S. Marshals contract to manage seized crypto. After being named, “Lick” allegedly scrubbed his Telegram, “dusted” zachxbt’s wallet from a theft-linked address, and later sent 0.6767 ETH (about $1,900) as a taunt. CMDSS also reportedly scrubbed its site. Drama? Overflowing.
Commenters are split between outrage and eye-rolls. One camp says this is proof of government incompetence, claiming officials didn’t notice until the thread exploded. Another says it’s classic hubris—“the perfect crime undone by ego.” There’s cynicism about government contracting—“hire a connected guy and call it mission-critical”—and a big side of “no honor among thieves.” Some are confused and asking for a TL;DR, while others are here for the memes: “screenshare-to-scandal speedrun,” “Crypto Clouseau vs. the Nepo Heist,” and “0.6767 ETH as troll tax.”
Amid the chaos, the crowd’s mood is loud and messy: name-and-shame sleuthing vs. systemic failure. What’s proven in court? Nothing yet. What’s proven online? That a petty flex can set the internet on fire—and put everyone from crypto bros to government contractors under the brightest, hottest spotlight.
Key Points
- •A wallet revealed by the alias “Lick” during a screenshare was linked by zachxbt to about $90 million stolen from U.S. government-controlled seized crypto wallets.
- •zachxbt alleges “Lick” is John Daghita, who later appeared to scrub his Telegram account and dusted zachxbt’s wallet from theft-linked addresses.
- •John Daghita is reportedly the son of Dean Daghita, owner of Command Services & Support (CMDSS).
- •CMDSS secured an active U.S. Marshals contract in October 2024 to manage seized crypto assets and subsequently scrubbed its online presence after being linked to the suspect.
- •“Lick” later sent 0.6767 ETH (~$1,900) of the allegedly stolen funds to zachxbt; CMDSS’ website claims mission-critical services to the DoD and DOJ.