zachxbt · TEXXR

John Daghita (Lick) was arrested in the Caribbean yesterday as a direct result of my investigation. In late January 2026, I exposed how John stole $ 46M+ in seized crypto assets from the US government by abusing access at CMDSS, his father's company, which held a USMS contract. [image]

2026-03-07 View on X

Decrypt

The FBI arrests the son of a federal contractor who managed critical services and charges him with stealing ~$46M in crypto from the US Marshals Service

View original

John Daghita (Lick) was arrested in the Caribbean yesterday as a direct result of my investigation. In late January 2026, I exposed how John stole $ 46M+ in seized crypto assets from the US government by abusing access at CMDSS, his father's company, which held a USMS contract. [image]

2026-03-06 View on X

Decrypt

The FBI arrests the son of a federal contractor who managed critical services and charges him with stealing ~$46M in crypto from the US Marshals Service

John Daghita was publicly accused of the crime by blockchain sleuth ZachXBT in January. — In brief

View original

John Daghita (Lick) was arrested in the Caribbean yesterday as a direct result of my investigation. In late January 2026, I exposed how John stole $ 46M+ in seized crypto assets from the US government by abusing access at CMDSS, his father's company, which held a USMS contract. [image]

2026-03-05 View on X

Decrypt

The FBI arrests the son of a federal contractor who managed critical services and charges him with stealing ~$46M in crypto from the US Marshals Service

John Daghita was publicly accused of the crime by blockchain sleuth ZachXBT in January. — In brief

View original

@TGKContent @sama Open AI is the Epstein of AI companies if you think they'll act with integrity and safely handle user personal data vs max extract No Diddy

2026-02-05 View on X

@sama

Sam Altman says Anthropic's Super Bowl ads are funny but “dishonest”, and Anthropic serves a “product to rich people” while OpenAI is “committed to free access”

First, the good part of the Anthropic ads: they are funny, and I laughed. But I wonder why Anthropic would go for something so clearly dishonest. Our most important principle for a...

View original

On January 10, 2026 at around 11 pm UTC a victim lost $282M+ worth of LTC & BTC due to a hardware wallet social engineering scam. The attacker began converting the stolen LTC & BTC to Monero via multiple instant exchanges causing the XMR price to sharply increase. BTC was also

2026-01-18 View on X

The Block

ZachXBT: a crypto user lost $282M+ in BTC and LTC in a hardware wallet social engineering scam; XMR jumped as the attacker began converting the funds to Monero

Partner offers — Quick Take — XMR hit an all-time high of $797.73 on Jan. 14, coinciding with a series …

View original

On January 10, 2026 at around 11 pm UTC a victim lost $282M+ worth of LTC & BTC due to a hardware wallet social engineering scam. The attacker began converting the stolen LTC & BTC to Monero via multiple instant exchanges causing the XMR price to sharply increase. BTC was also

2026-01-17 View on X

The Block

ZachXBT: a crypto user lost $282M+ in BTC and LTC in a hardware wallet social engineering scam; XMR jumped as the attacker began converting the funds to Monero

Partner offers — Quick Take — XMR hit an all-time high of $797.73 on Jan. 14, coinciding with a series …

View original

@cobie @lBattleRhino Anyone who doesn't make appearances frequently. So many people have STDs from speaking to every podcast / media publication that contacts them. I think a lot of your most entertaining content came impromptu during / after major events vs scheduled episodes.

2025-10-21 View on X

Wall Street Journal

Coinbase agrees to acquire Echo, a blockchain platform to let crypto companies quickly raise capital, for ~$375M, marking Coinbase's eighth acquisition in 2025

Acquisition marks Coinbase's eighth deal this year — Coinbase Global has struck a roughly $375 million deal to acquire Echo …

View original

What's most interesting is wallet addresses listed in the US government $14B (127K BTC) seizure previously were named in a Milky Sad report ~2 years ago for having vulnerable private keys and now the USG says they have custody of them. [image]

2025-10-15 View on X

CNBC

The US DOJ seizes ~$15B in bitcoin held in wallets owned by a man who oversaw a “pig butchering” operation in Cambodia, in the DOJ's largest ever forfeiture

The Department of Justice has seized about $15 billion worth of bitcoin held by a man who oversaw a massive “pig butchering” …

View original

What's most interesting is wallet addresses listed in the US government $14B (127K BTC) seizure previously were named in a Milky Sad report ~2 years ago for having vulnerable private keys and now the USG says they have custody of them. [image]

2025-10-14 View on X

CNBC

The US DOJ seizes ~$15B in bitcoin from a man who oversaw a Cambodian “pig butchering” operation, in the DOJ's largest ever forfeiture; the man remains at large

The Department of Justice has seized about $15 billion worth of bitcoin held by a man who oversaw a massive …

View original

@lookonchain I do not feel bad for the team as this CEX processed a good bit of volume from pig butchering, romance, investment scams.

2025-07-17 View on X

CoinDesk

Crypto exchange BigONE confirms a $27M hot wallet hack, says it will “cover all losses”, and is working with security firm SlowMist to trace the stolen assets

Seychelles-based outfit says security attack occurred, will fully cover all losses Isabella Flores / CryptoNinjas : 27M Vanishes in BigONE Hack but That's Not the Most Shocking Par...

View original

@BigONEexchange @lookonchain “We successfully froze a portion of the assets involved” They used the same account for 7 months uninterrupted..... Now the same pig butchering group uses a new BIGONE deposit address that has received $4.5M from scams over the past week 1MWq9iNRe3MfYCq3j7439JDyooczqGBnR5

2025-07-17 View on X

CoinDesk

Crypto exchange BigONE confirms a $27M hot wallet hack, says it will “cover all losses”, and is working with security firm SlowMist to trace the stolen assets

Seychelles-based outfit says security attack occurred, will fully cover all losses Isabella Flores / CryptoNinjas : 27M Vanishes in BigONE Hack but That's Not the Most Shocking Par...

View original

@BigONEexchange @lookonchain Here's a single BIGONE deposit address that processed $60M+ late last year directly linked to numerous pig butchering scams (Define product, bestbitex, trustfutureswap, etc) yet your “report” shows none of that. 16jAfbpfRzFvagiP5hzBPrYF9YhUhQuq9h My license does not permit to

2025-07-17 View on X

CoinDesk

Crypto exchange BigONE confirms a $27M hot wallet hack, says it will “cover all losses”, and is working with security firm SlowMist to trace the stolen assets

Seychelles-based outfit says security attack occurred, will fully cover all losses Isabella Flores / CryptoNinjas : 27M Vanishes in BigONE Hack but That's Not the Most Shocking Par...

View original

The crime supercycle is indeed very real. While it's true the industry has historically been ripe for abuse it has noticeably increased since politicians launched meme coins and numerous court cases were dropped further enabling the behavior. Laundering groups and small OTC [image]

2025-06-18 View on X

CyberScoop

A cyberattack claimed by pro-Israel hacktivist group Predatory Sparrow has reportedly disrupted services at Iran's state-owned Bank Sepah, including its website

The attack introduces a clear cyber element with immediate consequences for the country's critical infrastructure amid a growing conflict between Israel and Iran.

View original

@mrjasonchoi The issue is there's simply a lot of Coinbase targeted scams and a lot are unrelated to the incident disclosed today by Coinbase. The threat actors paying off employees were targeting users with 7-8 figs in their accounts. They pretended to be Coinbase support using personal

2025-05-16 View on X

Bloomberg

Source: Coinbase's hackers had bribed enough customer service representatives to achieve effectively on-demand access to customer info in the past five months

On the long list of crypto companies that have been hacked, there are plenty of examples of financial losses that are much more painful …

View original

@deltaxbt Threat actors were targeting users with 7-8 figs on Coinbase so that's how $200-400M was stolen since Dec 2024. If you are that rich tbh you should have a second passport and just use it basically as a wrapper for KYC while not using your main passport.

2025-05-16 View on X

Bloomberg

Source: Coinbase's hackers had bribed enough customer service representatives to achieve effectively on-demand access to customer info in the past five months

On the long list of crypto companies that have been hacked, there are plenty of examples of financial losses that are much more painful …

View original

@mrjasonchoi The issue is there's simply a lot of Coinbase targeted scams and a lot are unrelated to the incident disclosed today by Coinbase. The threat actors paying off employees were targeting users with 7-8 figs in their accounts. They pretended to be Coinbase support using personal

2025-05-16 View on X

Reuters

Coinbase says hackers accessed data of a “small subset” of users, but not credentials, expects to incur $180M-$400M in costs, and refuses to pay a $20M ransom

and the investigators who saw it coming Sead Fadilpašić / TechRadar : Personal information leaked in Coinbase cyberattack, cost could be $400 million Bloomberg : Coinbase Hack Coul...

View original

@deltaxbt Threat actors were targeting users with 7-8 figs on Coinbase so that's how $200-400M was stolen since Dec 2024. If you are that rich tbh you should have a second passport and just use it basically as a wrapper for KYC while not using your main passport.

2025-05-16 View on X

Reuters

Coinbase says hackers accessed data of a “small subset” of users, but not credentials, expects to incur $180M-$400M in costs, and refuses to pay a $20M ransom

and the investigators who saw it coming Sead Fadilpašić / TechRadar : Personal information leaked in Coinbase cyberattack, cost could be $400 million Bloomberg : Coinbase Hack Coul...

View original

@pikachu_crypto @arkham Partial recovery is more common (15-30% in a good scenario?) but it'll also be a bit harder to launder $1.46B I think depending on how patient they are. For recent hacks Lazarus has mainly just been spamming funds to Chinese exchanges on different chains where it eventually

2025-02-23 View on X

The Block

Arkham says ZachXBT submitted proof that North Korea's Lazarus Group is behind Bybit's $1.5B hack, which is the largest single theft in crypto history

There are reports that this address was used in an exploit on Bybit. Faarea Masud / BBC : Cryptocurrency theft of £1.1bn could be biggest ever Cas Abbé / Blockchain.News : Lazarus ...

View original

@arkham TLDR myself and Josh from CF connected the Bybit hack on-chain to the Phemex hack

2025-02-23 View on X

The Block

Arkham says ZachXBT submitted proof that North Korea's Lazarus Group is behind Bybit's $1.5B hack, which is the largest single theft in crypto history

There are reports that this address was used in an exploit on Bybit. Faarea Masud / BBC : Cryptocurrency theft of £1.1bn could be biggest ever Cas Abbé / Blockchain.News : Lazarus ...

View original

@TheDeFISaint ... Nah doesn't help as much to know who it is when it's a nation state threat actor

2025-02-23 View on X

The Block

Arkham says ZachXBT submitted proof that North Korea's Lazarus Group is behind Bybit's $1.5B hack, which is the largest single theft in crypto history

There are reports that this address was used in an exploit on Bybit. Faarea Masud / BBC : Cryptocurrency theft of £1.1bn could be biggest ever Cas Abbé / Blockchain.News : Lazarus ...

View original