Key takeaways
- FBI and French Gendarmerie arrest John Daghita on Saint Martin for allegedly stealing $46 million in seized crypto from the US Marshals Service
- Blockchain analyst ZachXBT exposed the theft in January 2026, prompting federal investigation into contractor firm CMDSS
- The case forces scrutiny of how government agencies custody seized Bitcoin, including multisig controls and key rotation protocols
A Briefcase Full of Evidence
The FBI, working alongside the French Gendarmerie's elite tactical unit, arrested John Daghita on the Caribbean island of Saint Martin on March 4, charged with stealing more than $46 million in cryptocurrency from the US government.
Daghita is the son of Dean Daghita, president and CEO of Command Services & Support (CMDSS), a federal contractor that held a custody contract with the US Marshals Service for managing seized digital assets, including funds linked to the 2016 Bitfinex hack. Investigators allege John exploited his father's firm's access to move approximately $23 million in Ethereum between wallets, bragging about the theft in group chats with other alleged hackers.
'FBI will continue working 24/7 with our international partners to track down, apprehend, and bring to justice those who attempt to defraud American taxpayers.'
FBI Director Kash Patel confirmed the arrest. Officers seized cash in $100 bills, multiple hard drives, and security keys from a metal briefcase found with Daghita. US officials are expected to seek extradition.
ZachXBT Broke It First
The case owes its momentum to blockchain analyst ZachXBT, who publicly exposed the alleged crimes in late January 2026. After the findings were reported to authorities, Daghita reportedly taunted the investigator on Telegram by sending small amounts of the allegedly stolen funds to ZachXBT's public wallet address, a provocation known as a dust attack.
Why It Matters
This theft lays bare the fragility of how the US government holds seized Bitcoin. A single contractor family allegedly drained tens of millions because the custody framework relied on trusted access rather than cryptographic controls. The questions now are uncomfortable but necessary: why not multisig with geographically distributed keys? How are private keys rotated when personnel change? Who authorizes transfers, and is there an auditable approval chain? Whether the answer is a legally liable third-party custodian or a purpose-built multisig regime, the voting public now has every reason to demand answers. Trusting the state to hold Bitcoin the same way it holds fiat is a recipe for exactly this outcome.
