For more than a decade, the U.S. government has been quietly building one of the largest Bitcoin stockpiles on the planet. Through high-profile cases like Silk Road and the Bitfinex hack, billions of dollars in confiscated crypto have flowed into government-controlled wallets—assets meant to be safeguarded, audited, and eventually auctioned.
Now, that confidence is under serious threat.
According to blockchain investigator ZachXBT, more than $40 million in digital assets may have been stolen from U.S. government–seized crypto wallets—not by foreign hackers, but by someone with insider access to the custody system itself.
The allegations have sent shockwaves through both the crypto world and law enforcement, raising an unsettling question: How secure is America’s Bitcoin vault?
The Contractor at the Center of the Storm
The investigation points to Command Services & Support (CMDSS), a Virginia-based IT firm led by Dean Daghita.
In October 2024, CMDSS was awarded a contract by the U.S. Marshals Service (USMS) to manage and dispose of seized cryptocurrencies considered too complex for standard exchange handling. This placed the firm in control of some of the most sensitive wallets in existence—including Bitcoin linked to the 2016 Bitfinex hack, one of the largest crypto crimes ever recorded.
With that responsibility came extraordinary access.
According to ZachXBT, that access may have been abused by the contractor’s son, allegedly John Daghita, who is accused of siphoning funds directly from government-controlled wallets.
A Telegram Dispute That Cracked the Case
The investigation began in an unlikely place: a private Telegram argument.
A leaked screen recording surfaced online showing a user identified as “John” sharing his screen during a heated exchange. The video appeared to show an Exodus wallet holding millions of dollars in crypto, with transactions being executed in real time.
During the recording, large balances of Ethereum and Tron-based tokens were consolidated into a single wallet.
What made the clip explosive wasn’t just the money—it was the on-chain trail.
Blockchain analysis linked the displayed assets back to wallets known to hold U.S. government–seized crypto. One transaction path pointed directly to a government address that had received $24.9 million in Bitcoin tied to Bitfinex-related seizures earlier in 2024.
The evidence suggested that this wasn’t speculation. The funds had history—and that history led straight to U.S. custody.
$20 Million Gone—And a Narrow Escape
Further on-chain data paints an even darker picture.
In October 2024, roughly $20 million was allegedly drained from USMS-controlled wallets. Most of the funds were returned within 24 hours, suggesting the activity was detected quickly—or that the perpetrator realized how dangerous the situation had become.
But not everything came back.
Approximately $700,000, routed through instant exchanges, vanished permanently.
According to ZachXBT, this pattern strongly indicates insider access, as the transactions would have been nearly impossible without knowledge of wallet controls and custody procedures.
Ironically, investigators believe the exposure came from overconfidence. The suspect may have been effectively “rage-baited” into revealing live wallet activity during the Telegram dispute—handing investigators the proof they needed.
Was $40 Million Just the Beginning?
The situation may be far worse than initially believed.
ZachXBT estimates total suspicious activity could exceed $90 million, based on additional wallet movements between November and December 2025.
Even more concerning:
One compromised wallet still holds approximately $18.5 million
Some funds remain untouched and potentially vulnerable
If the allegations are accurate, the incident may represent one of the largest insider crypto thefts in government history.
Unconfirmed reports in cybercrime circles claim the suspect may have been arrested in September 2025, but no public charges or official statements have been released. Both the U.S. Marshals Service and CMDSS have remained silent.
A System Already Under Scrutiny
This scandal lands on top of existing criticism of how the U.S. government manages seized digital assets.
Past reports revealed that the USMS has:
Relied on spreadsheets to track crypto holdings
Struggled to provide accurate totals of assets under custody
Competing firms had already challenged CMDSS’s contract award in 2024, citing licensing issues and potential conflicts of interest. Those concerns now look less like corporate complaints—and more like warnings that went unheeded.
Why This Threatens America’s Bitcoin Strategy
With Bitcoin trading near $90,000 in early 2026, even minor security failures can translate into massive losses.
The U.S. government controls billions of dollars in seized Bitcoin, much of it intended for:
Public auctions
Long-term strategic custody
Law enforcement funding
This case highlights a critical reality: insider threats may be more dangerous than external hackers.
Security experts warn that without:
Multi-signature wallet systems
Independent third-party audits
Continuous blockchain monitoring
…similar breaches could happen again.
The alleged theft also echoes earlier insider-driven crypto crimes, including a 2023 Silk Road–related Bitcoin incident that stunned investigators.
The Question Washington Can’t Ignore
This isn’t just about missing money.
It’s about trust—trust in the government’s ability to safeguard digital assets, manage future seizures, and oversee one of the world’s largest Bitcoin treasuries responsibly.
For now, one question hangs over Washington like a storm cloud:
If tens of millions could slip through once, how secure is the rest of the government’s Bitcoin?