A major crypto scandal has erupted in the United States, implicating John Daghita, known online as “Lick”, in the alleged theft of more than $40 million from addresses seized by the government.
The incident is linked to Daghita’s father, who runs CMDSS, a Virginia-based IT company that won a contract in 2024 to help the US Marshals Service (USMS) manage and dispose of seized and confiscated crypto assets.
Alleged Insider Access Enables Massive Government Crypto Theft
The theft was allegedly facilitated by Daghita’s access to private cryptographic addresses through her father’s position at CMDSS.
While the exact mechanisms remain clear, blockchain investigator ZachXBT reportedly traced at least $23 million to a single wallet. The wallet is directly linked to alleged thefts totaling more than $90 million, spanning from 2024 to the end of 2025.
In response to the growing scandal, the CMDSS deleted its X (Twitter) and LinkedIn accounts. They also scrubbed its website of employee and team information.
Update: CMDSS company’s X account, website and LinkedIn have all just been deactivated pic.twitter.com/nvN6u5XMPq
— ZachXBT (@zachxbt) January 25, 2026
ZachXBT noted that Daghita remained active on Telegram, posting assets related to the theft and even interacting with public addresses related to the investigation.
1/ Meet threat actor John (Lick), who was caught embezzling $23 million in a wallet address directly linked to over $90 million in alleged thefts from the US government in 2024 and several other unidentified victims from November 2025 to December 2025. pic.twitter.com/SBAFU5hTnE
— ZachXBT (@zachxbt) January 23, 2026
It appears that Daghita quickly deleted the NFT usernames from his Telegram account and changed his screen name after the post, further complicating attempts to trace the stolen funds.
Government contracts and internal risks highlighted by the Daghita affair
The CMDSS is not a minor player in government IT contracts. Over the years, the company has maintained active contracts with the Department of Defense and the Department of Justice. This amplifies concerns about the amount of sensitive information or assets that may have been accessed by Daghita before the scandal broke.
Analysts are calling for urgent audits and a transparent assessment of the scale of potential losses.
Another massive crypto scandal is coming to light, this time involving a man named John Daghita.
John’s father owns a company called CMDSS, based in Virginia. In October 2024, under the Biden administration, the US government awarded it a major contract to assist the…
— Jacob King (@JacobKinge) January 25, 2026
This incident highlights a recurring vulnerability in crypto custody arrangements, even in government-sanctioned frameworks.
Even with sophisticated monitoring, human connections and internal access can pose significant risks.
Investigators continue to examine the technical and organizational aspects of the alleged theft. Authorities are reportedly reviewing CMDSS’ operational protocols and the extent to which the company’s government contracts may have inadvertently facilitated access to valuable crypto assets.
John Daghita’s alleged theft represents one of the most high-profile breaches of government-run crypto assets in recent memory.