Last night, John Daghita – a U.S. government contractor who allegedly stole more than $46 million in cryptocurrency from the U.S Marshals Service – was arrested on the island of Saint Martin by the French Gendarmerie’s premier elite tactical unit in a joint operation with the… pic.twitter.com/3ttochgbjk March 5, 2026
The investigation leading to the arrest was initiated by a crypto analyst on X — ZachBXT — who essentially published a full exposé on Daghita in late January. Daghita had reportedly taunted ZachBXT multiple times on Telegram by sending him tiny amounts of crypto (dust attacks). Eventually, ZachBXT was able to track some of these dust attacks back to certain wallet addresses and found out they were actually managed by the government.
One of these wallets held $36 million worth of crypto and was apparently tied to a $90 million seizure by the U.S. Marshals between 2024-2025. Zach reported his findings to the authorities and in just over a month, the FBI arrested the suspect. But how did John even have access to these wallet addresses?
FBI issues wanted notice for alleged North Korea-linked remote IT workers accused of $900,000 crypto theft
Two suspects arrested over theft of $1.5 million in Bitcoin stolen from police custody in outrageous blunder
South Korean authorities lose over $4.8 million in crypto after posting mnemonic recovery phrase online
John Daghita is apparently the son of Dean Daghita, the CEO andPresident of Command Services & Support (CMDSS), an IT firm that was contracted by the U.S. Marshals to manage seized crypto wallets. The company's contract was even protested by another competing firm at the time of its awarding. CMDSS was hired to manage and dispose of some of the currency tied to high-profile and complex seizures in 2024.
The announcement from Kash Patel labels John Daghita himself as a government contractor, so it's unclear if he was directly involved or if he just (secretly) exploited the access his father had. Moreover, whether Daghita Sr. was even aware of his son's activities remains to be seen.
John Daghita (Lick) was arrested in the Caribbean yesterday as a direct result of my investigation.In late January 2026, I exposed how John stole $ 46M+ in seized crypto assets from the US government by abusing access at CMDSS, his father's company, which held a USMS contract.… pic.twitter.com/iqnoQXKJqZ March 5, 2026
Although Daghita has been taken into federal custody, he has not been formerly charged, much less convicted, of a crime. During the arrest, authorities reportedly found Daghita with a briefcase full of cash and multiple security keys.
Follow Tom's Hardware on Google News , or add us as a preferred source , to get our latest news, analysis, & reviews in your feeds.
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Key considerations
- Investor positioning can change fast
- Volatility remains possible near catalysts
- Macro rates and liquidity can dominate flows
Reference reading
- https://www.tomshardware.com/tech-industry/cryptocurrency/SPONSORED_LINK_URL
- https://www.tomshardware.com/tech-industry/cryptocurrency/fbi-arrests-crypto-thief-accused-of-stealing-usd46-million-from-seized-government-wallets-suspects-father-was-allegedly-contractor-for-the-us-marshals#main
- https://www.tomshardware.com/subscription
- Popular budget-friendly Chinese brand exposed for shocking CPU scam in its laptops — advertised CPU secretly swapped for an outdated chip
- This shark PC case will take a $5,499 megabyte out of your pocket — Cooler Master Shark X finally migrates to U.S. waters
- Arm's $250 million deal with Malaysia probed by anti-corruption authorities — $1.27 million seized from safehouse of prominent politician, former army chief arr
- Sovol SV08 Max review: Monster printer
- Survey Reveals AI Advances in Telecom: Networks and Automation in Driver’s Seat as Return on Investment Climbs
Informational only. No financial advice. Do your own research.