-640x358.jpg&w=1200&q=75)
US investigators are probing an alleged $40 million crypto theft linked to John Daghita, known online as “Lick,” according to blockchain findings.
The case is connected to Daghita’s father, who leads CMDSS, a Virginia-based IT firm contracted in 2024 to support the US Marshals Service with seized digital assets.
Blockchain investigator ZachXBT reported tracing at least $23 million to a single wallet associated with government seizure addresses.
The same wallet is believed to be linked to suspected thefts exceeding $90 million across 2024 and late 2025.
Investigators believe the alleged theft was enabled by insider access to private crypto addresses through CMDSS’s government role.
Following the allegations, CMDSS removed its website staff details and deleted its X and LinkedIn accounts.
ZachXBT said Daghita remained active on Telegram, where he allegedly displayed assets linked to the theft.
Daghita reportedly removed NFT usernames and changed his screen name shortly after the findings were made public.
CMDSS has held contracts with the US Department of Defense and Department of Justice, intensifying scrutiny over internal controls.
Analysts are urging urgent audits to assess whether other sensitive government assets were exposed.
The case has renewed concerns about insider risk within government-managed crypto custody frameworks.
Authorities continue to examine CMDSS’s operational protocols as part of the ongoing investigation.