Key Takeaways
- The US Marshals Service confirmed an investigation into claims that a contractor’s relative stole over $40 million in seized digital assets.
- Blockchain sleuth ZachXBT traced nearly $60 million in stolen funds, including a direct transfer of “tainted” Ether to his own public address.
- The incident centers on Command Services & Support (CMDSS), a firm hired in 2024 to manage the government’s massive crypto custody needs.
It looks like the U.S. Marshals are dealing with a nightmare scenario in their crypto department. After blockchain sleuths flagged some highly suspicious activity, the agency admitted they’re investigating the loss of over $40 million in digital assets. For an organization tasked with keeping seized loot safe, having $40 million vanish into thin air is more than just a security slip—it’s a massive blow to their credibility.
The primary suspect is John Daghita, the son of the president of Command Services & Support (CMDSS)—the very firm entrusted by the USMS to safeguard seized digital wealth. This breach highlights the growing pains of a government trying to manage billions in “stateless” assets using traditional third-party contractors.
The investigation gained public traction when renowned blockchain investigator ZachXBT disclosed a trail of transactions linking Daghita to wallets holding approximately $23 million in various tokens. These funds were traced back to government seizure addresses from 2024 and 2025.
In a bold display of transparency (or perhaps hubris), Daghita allegedly sent a “dust” transaction of stolen government funds directly to ZachXBT’s public wallet, effectively confirming the link between the stolen federal loot and the suspect’s personal control.
How much crypto does the US government hold?
To understand the gravity of this theft, one must look at the scale of the US government’s digital treasury. According to data from BitcoinTreasuries.NET, federal authorities currently hold an estimated 328,372 Bitcoin, primarily acquired through high-profile law enforcement actions like the Bitfinex hack and the Silk Road investigations.
At current 2026 valuations, this stash is worth roughly $30 billion. When Ether and other altcoins are included, the US government sits on one of the largest digital asset piles in the world, making its custody protocols a prime target for both external hackers and internal bad actors.
This alleged $40 million exploit represents only a fraction of the total holdings, but it raises existential questions about the White House Crypto Council’s oversight of federal contractors.
Patrick Witt, the council’s director, has signaled that the administration is “on it,” but the damage to public trust is already done. As the government continues to seize assets from global cybercriminals, the “watchers of the watchers” must now prove they can secure a wallet as effectively as they can a physical vault.
Final Thoughts
The US Marshals’ struggle with internal security proves that even the most powerful government on Earth is not immune to the unique risks of crypto custody.
Frequently Asked Questions
Who is John Daghita?
He is the son of the president of CMDSS, a company contracted by the US Marshals for crypto custody services.
How was the theft discovered?
On-chain sleuth ZachXBT traced $40M+ in funds from government addresses to wallets linked to Daghers.
Is the stolen money recovered?
Some funds have been tracked to specific addresses, but the investigation into the full recovery of the $40M is ongoing.
