Federal Contractor's Son Accused Of Stealing $40M In Government Crypto Launches $LICK Token

John Daghita, who goes by the username "Lick" online, allegedly stole over $40 million in cryptocurrency from US government wallets and then launched a memecoin called $LICK on the pump.fun platform, Bubblemaps reported. 

The US Marshals Service confirmed an active investigation into the theft, which involves funds seized from criminal cases that were supposed to be under federal protection. Daghita is the son of Dean Daghita, president of Command Services & Support (CMDSS), a company contracted to manage seized digital assets for federal authorities.

What Happened To The Government's Seized Crypto?

The alleged theft involves cryptocurrency that the US government confiscated from criminal cases. CMDSS, a Virginia-based technology firm, received a contract from the US Marshals Service in October 2024 to manage and dispose of seized digital assets. This includes cryptocurrency that major exchanges do not support and assets tied to complex criminal investigations.

According to blockchain investigator ZachXBT, wallets allegedly controlled by John Daghita received approximately $40 million in digital assets from addresses linked to confiscated government funds. The stolen assets reportedly include funds from the 2016 Bitfinex hack, one of the largest cryptocurrency thefts in history where hackers stole about 120,000 Bitcoin.

ZachXBT traced multiple wallet addresses to Daghita and reported his findings to authorities. One wallet contained roughly $23 million in crypto connected to as much as $90 million in assets believed seized by the government in 2024 and 2025. A second wallet held 12,540 Ether, worth about $36 million at the time of discovery.

How Did The Alleged Theft Come To Light?

The case broke when details from a private Telegram chat surfaced online. In the conversation, a user identified as "Lick" allegedly screen-shared a wallet containing millions of dollars in cryptocurrency and demonstrated the ability to move funds in real time.

ZachXBT analyzed the blockchain transactions and connected the wallets shown in the screen-share to addresses known to hold government-seized assets. The investigator wrote on X (formerly Twitter) that he caught John "Lick" Daghita "flexing $23M in a wallet address directly tied to $90M+ in suspected thefts from the US Government in 2024."

Key developments in the case:

• ZachXBT published his initial findings on Friday
• He reported a second wallet with $36 million in Ether to authorities
• Daghita sent ZachXBT 0.6767 ETH ($1,900) from the allegedly stolen funds
• ZachXBT stated he will send any stolen funds received to a government seizure address
• Patrick Witt, director of the White House Crypto Council, responded "on it" to ZachXBT's claims on Monday

Who Is John Daghita And His Connection To CMDSS?

John Daghita is the son of Dean Daghita, who serves as president and chief executive of CMDSS. The company holds an active federal IT contract with the US Marshals Service specifically for managing seized cryptocurrency.

CMDSS won the contract to assist with disposing of digital assets that present unique challenges. This includes crypto tokens not listed on major exchanges and assets connected to ongoing criminal cases that require specialized handling. The contract gave the company access to wallets containing funds from high-profile seizures.

A spokesperson for the US Marshals Service told reporters that "the matter is under investigation" but declined to provide additional details about the case. Brady McCarron, chief of public affairs for the USMS, confirmed to media outlets that investigations are underway but said the agency could not comment further.

The $LICK Token Launch On Pump.fun

Following the theft allegations, Daghita launched a memecoin called $LICK on pump.fun, a platform that allows users to create and trade tokens with minimal technical requirements. Pump.fun has become popular for launching memecoins quickly, though many tokens created on the platform have little to no utility beyond speculation.

The timing of the $LICK launch, coming amid a federal investigation into alleged theft of government funds, raised eyebrows in the crypto community. The move represents either extreme confidence or a provocative gesture toward authorities investigating the case.

Conclusion

The US Marshals Service continues investigating the alleged theft of over $40 million in cryptocurrency from government-controlled wallets. John Daghita remains linked to multiple wallet addresses that blockchain investigators traced to seized federal assets, including funds from the 2016 Bitfinex hack. CMDSS, the company run by Daghita's father, held an active contract to manage these exact types of seized digital assets. 

ZachXBT's blockchain analysis provided authorities with specific wallet addresses and transaction records that form the basis of the ongoing investigation. The White House Crypto Council acknowledged the allegations, and federal investigators now have documented evidence of fund movements between government-linked wallets and addresses allegedly controlled by Daghita.

Resources 

1. Bubblemaps on X: Post on Jan. 27

2. ZachXBT on X: Post on Jan. 23-25

3. Report by CoinDesk: U.S. Marshals investigate claims that son of government contractor stole $40 million of seized crypto

4. Report by The Block: Individual behind $40 million government wallet theft is son of seized-crypto contractor executive: ZachXBT