Skip to timeline

Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

Thief of millions in seized U.S.-controlled crypto alleged to be government crypto contractor's son

Two crypto thieves decided to settle an argument over who was wealthier by screensharing as they transferred crypto between wallets to prove ownership. In doing so, one of them — known online as "Lick" — revealed a wallet address that crypto sleuth zachxbt quickly tied to the theft of around $40 million from US government wallets containing seized crypto assets, including a $20 million theft zachxbt reported in October 2024. Lick's wallets contained around $90 million in total, including the stolen government assets and those stolen from other victims.

zachxbt has alleged that "Lick" is a man named John Daghita. After reporting Daghita's identity, "Lick" appeared to try to scrub his Telegram account, then dusted zachxbt's public crypto wallet from one of the theft addresses.

Daghitia is reportedly the son of Dean Daghita, the owner of Command Services & Support (CMDSS). In October 2024, CMDSS landed a contract with the US Marshals to manage seized crypto assets, which is still active. After zachxbt linked the younger Daghita to his father and CMDSS, CMDSS also scrubbed its online presence. Around that time, Lick began trolling zachxbt again, and later sent 0.6767 ETH (~$1,900) of the stolen funds to zachxbt.

CMDSS' website boasts that they are "a proven provider of mission-critical services to the Department of Defense and Department of Justice".

Theme tags: Shady business

Crypto holder loses $283 million to scammer impersonating wallet support

A crypto holder has lost $282 million in bitcoin and litecoin after a scammer impersonating a customer support employee for the Trezor hardware wallet manufacturer successfully convinced them into revealing their seed phrase. After gaining access to the assets, they quickly swapped them to the Monero privacycoin. The volume of assets was so large that the Monero price spiked as the scammer laundered the finds. The scammer also swapped assets using the THORChain project, which boasted on social media about the "World record speedrun. ⚡️" (presumably without realizing they were bragging about a thief using their project to launder money).

Around $700,000 of the stolen assets were frozen thanks to intervention by a security firm called ZeroShadow, although this represents only 0.2% of the total loss.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin, Litecoin, Monero

GANA Payment hacked for $3.1 million

An attacker stole approximately $3.1 million from the BNB chain-based GANA Payment project. The thief laundered about $1 million of the stolen funds through Tornado Cash shortly after. The attacker was able transfer ownership of the GANA contract to themselves, possibly after a private key leak.

The theft was first observed by crypto sleuth zachxbt. Not long after, the project acknowledged on its Twitter account that "GANA's interaction contract has been targeted by an external attack, resulting in unauthorized asset theft."

Theme tags: Hack or scam
Blockchain tags: Blockchain: BNB Chain
Tech tags: DeFi

Garden hacked for $11 million

The Garden bitcoin bridge suffered a roughly $11 million loss after one of its solvers was compromised. These solvers essentially act as market makers for the protocol. Some blockchain sleuths have questioned whether the affected solver, which Garden described as a separate entity, may actually be operated by the same team as Garden.

There wasn't much sympathy to be had for Garden after this exploit. The protocol had recently announced hitting a milestone of bridging more than $2 billion in assets, but the celebration was criticized after zachxbt pointed out that a substantial portion of the bridged funds were proceeds of crimes being laundered to evade detection and recovery.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin

SBI Crypto likely suffers $21 million theft

Crypto sleuth zachxbt observed $21 million in "suspicious outflows" from SBI Crypto, a crypto mining subsidiary of the Japanese SBI Group. The money was quickly laundered through instant exchanges and Tornado Cash, in ways zachxbt observed were similar to tactics of North Korean crypto thieves.

SBI Crypto has not made any public statements addressing the apparent theft.

Theme tags: Hack or scam

Crypto exchange BitoPro belatedly discloses $11.5 million hack

The Taiwanese cryptocurrency exchange BitoPro disclosed that they had suffered a theft from one of their hot wallets, which they said occurred during a system upgrade in which they were transferring assets between wallets.

The theft was originally noticed by crypto sleuth zachxbt, who observed a suspicious transfer of around $11.5 million in crypto assets on May 8. The funds sold on decentralized exchanges and then laundered through various cryptocurrency mixing services.

BitoPro originally only told customers that the platform was offline for "maintenance", but disclosed the theft on June 2 after zachxbt published his findings.

Theme tags: Hack or scam

$330 million in Bitcoin apparently stolen; laundering spikes Monero price by over 40%

3,250 BTC (~$330 million) were apparently stolen from a bitcoin holder and then quickly moved through multiple exchanges and swapped for the Monero privacycoin. Such a massive swap into Monero was apparently enough to cause the Monero price to spike from around $230 to as high as around $330, before retracting somewhat.
Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin, Monero

Coinbase customer loses $35 million in bitcoin theft

A Coinbase customer reportedly lost 400 BTC (~$35 million) in a scam identified by blockchain sleuth zachxbt. While investigating the massive theft from the single customer, he also observed at least $11 million in thefts from various other Coinbase customers throughout March.

zachxbt has previously accused Coinbase of not doing enough to protect customers from hundreds of millions of dollars in scams, and he noted that in these cases, Coinbase had not marked the thief wallets as malicious in various cryptocurrency compliance tools.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Bitcoin

Coinbase accused by crypto sleuth zachxbt of allowing more than $300 million per year in social engineering attacks on its customers

Crypto sleuth zachxbt has accused the popular American cryptocurrency exchange Coinbase of "fail[ing] to stop its users losing $300M+ per year to social engineering scams". He identified $65 million in crypto thefts from Coinbase in just the most recent two months, but noted that the "number is likely much lower than the actual amount stolen as our data was limited to my DMs and thefts we discovered on-chain which does not account for Coinbase support tickets and police reports we do not have access to."

zachxbt recounted how scammers routinely spoof phone numbers and use stolen personal information to gain trust with victims on phone calls, where they claim to be Coinbase employees informing users of unauthorized account access. They then walk victims through "securing" their accounts, but in reality they direct people to cloned versions of the Coinbase website where the victims are made to transfer their assets to the scammers.

zachxbt concluded, "Coinbase needs to urgently make changes as more and more users are being scammed for tens of millions every month. ... Coinbase is in a position where they have the power to make these changes and set a good example but they have chosen to do little to nothing ."

Theme tags: Hack or scam

NoOnes hacked for almost $8 million

After crypto sleuth zachxbt noticed an apparent theft from the NoOnes peer-to-peer crypto trading platform on January 1, CEO Ray Youssef was forced to acknowledge the theft. He claimed that the project's Solana bridge had suffered a compromised, and explained that it had been taken offline for "exhaustive pen testing".

Youssef emphasized that user funds were safe, which led to questioning from others on how that could be possible when nearly $8 million had been stolen. Youssef claimed he had reimbursed the stolen assets himself.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Solana

No JavaScript? That's cool too! Check out the Web 1.0 version of the site to see more entries.