Over $135 million in seized cryptocurrency managed by the U.S. government was found to have been stolen by the son of a government cryptocurrency contractor.



Shocking facts have come to light: more than $90 million (approximately 13.5 billion yen) in cryptocurrency managed by the U.S. government was stolen by a government contractor. This massive theft was uncovered by renowned cryptocurrency investigator ZachXBT due to the culprit's careless actions, and it has been reported that the culprit's boasting led to the discovery of evidence of the massive theft.

Thief of $90M in grabbed US-controlled crypto alleged to be government crypto contractor's son
https://www.web3isgoinggreat.com/single/lick-theft

The incident first came to light when a person calling himself 'John' challenged other threat actors in a Telegram chat to see who was the richest. To prove his financial status, John shared a screenshot of his cryptocurrency wallet, boasting that he had a balance of approximately $23 million (approximately 3.45 billion yen).



ZachXBT closely watched the shared screen and analyzed the cryptocurrency wallet address provided. He discovered that the address was directly linked to approximately $90 million in illicit funds stolen from U.S. government wallets in 2024. This massive $90 million loss was the result of a series of thefts targeting cryptocurrencies seized and managed by the government as part of criminal investigations. In particular, the address was closely linked to the $20 million (approximately ¥3 billion) theft from the Bitfinex exchange, reported in October 2024.



Further investigation revealed the identity of the perpetrator to be a man named John Daheeta.



The man who allowed Daheeta, who was arrested in September 2025, to access government assets that were supposed to be highly protected, was his biological father, Dean Daheeta, the owner of Command Services & Support (CMDSS), a company that handles cryptocurrency management services.

In October 2024, CMDSS was awarded a $4 million government contract from the U.S. Marshals Service to assist in the management and disposal of seized cryptocurrency. Revenues from this contract were fully funded by the Department of Justice's forfeiture fund, accounting for 100% of the company's revenue. However, several concerns and criticisms have long been raised regarding the selection of the contract.

For example, competitors have pointed out that CMDSS does not hold the appropriate licenses from the Securities and Exchange Commission (SEC) or the Financial Industry Regulatory Authority (FINRA). They have also criticized the company for not doing enough to investigate conflicts of interest due to its previous employment of former USMS employees. The fact that a company with such weak management systems handled government assets is believed to have been a contributing factor to the recent fraud.

After ZachXBT exposed his identity and his family connections, John immediately deleted his Telegram account and his father's company, CMDSS, shut down its website and social media accounts, cutting off all contact with the outside world.



Even after the cover-up, John continued to be active on social media, repeatedly engaging in provocative behavior toward ZachXBT as he investigated the matter, and even harassed ZachXBT by sending 0.6767 ETH (approximately ¥285,000 at the time), a portion of the stolen government funds, to ZachXBT's public address. ZachXBT has stated that it plans to promptly return these illicit funds to the U.S. government seizure address.

Related Posts:

in Note, Posted by log1i_yk