So, crazy stuff just went down in crypto. The son of the CEO of CMDSS, a company tasked with helping the US Marshals protect seized crypto, just lifted over $40 million. This kid, John Daghita, got called poor in a Telegram group by some dude named Dritan. To prove he’s loaded, he transferred a huge amount of cash to a wallet linked to more than $90 million in US forfeited crypto that his dad manages. What’s wild is that no one knows how he managed to get into that US crypto wallet with his dad supposedly keeping an eye on things.
Check out this X thread where you can see the chats of him getting shamed for being broke and when he moved the funds.
Son of CEO Steals $40 Million in Crypto from US Marshals
17 replies 99 views
humbleoracleMember
Posts: 40 · Reputation: 179
#2Feb 26, 2018, 04:25 AM
The actual technical question for me is why anyone would assume a government contractor was using anything remotely secure in the first place.
people are looking for a complex exploit when the answer is almost certainly just abysmal operational security.
We're talking about forfeited assets, which means a messy collection of different tokens that were probably managed through some god-awful manual process.
i'm telling you there was no 'hack'.
Best case, it was a single Ledger sitting on a desk. Worst case, and what I think is more likely, it was a hot wallet like Exodus on a family computer, with the seed phrase written on a piece of paper in a drawer.
the kid probably saw his dad access it a dozen times, so this isn't a failure of cryptography; it's a failure of basic procedure.
i'd bet they didn't even have a proper multi-sig configuration because it's 'too complicated' for their workflow.
The fact he could just open a wallet and send $40 million to prove a point on Telegram tells you everything.
There were no layers of security, just a single point of failure, and that point of failure was a person.
I may be wrong, of course.
Never saw a fumble that hard on the level of government-seized funds.
They will need hella amount of audits to regain what they lost there - the trust, the flow, and the "transparency" they are all talking about
In the part 1 of the recorded chat John screen shared an Exodus wallet with about $2.3m worth of Tron in it, which is close to what you you said, his dad was careless with things, more than anythingelse, he would pay for being careless with his responsibilities, I don't think he was careful at safeguarding the private keys, the boy accessed them very easily, and it won't be his first time of doing this, for coming up publicly to show the process and flash expensive watches on social media, the private keys may have been laying on a desk for sometimes. This also portrays a threat for the government runnning Bitcoin treasuries and handing the keys to a law maker, similar outcome could erupt after sometimes.
I read the news on X yesterday, but havent seen the supposed telegram recordings and chats. Its crazy that he would steal millions from the US government, go online and brag about it, and think he is not going to get caught even after using an exchange address.
Or he simply thought he wouldn't be punished for that.
Classic. I hope people like these would just disappear..
wanted to ask what happened to multisig and why his father would be the only one managing it, but after reading the X post, it seems the father only managed altcoins (part of the forfeited altcoins, I guess).
I don't know much about altcoin multisig, but after researching, I noticed it has to be done through a third party like Safe, which is not a good idea, I guess again.
Still, it's quite outrageous to imagine how the son could access such funds.
In the society of today, most youths and teenagers are living my pair pressure, they want to show off to impress their friends or to oppress them, that's what is happening in my country too, the children of some top government officials are exhibiting some bad character to oppress their pairs and they assume that they can get away with it, without also realizing that they are spoiling their parents image. I wonder how people will look at this man because of this incident, it will seem as if he is disclosing official information to his family instead keeping official things official.
I'm not drawing any conclusions, but it seems the US government used a standard wallet in storing the Bitcoin. That is the only way the boy could have easily stolen the seed phrase from the dad. If they had used a multisig wallet, where even if one of the private keys was exposed, it would have been practically impossible to steal the funds, and this wouldn't have happened. I hope we get more info about the theft.
cobra_2015Full Member
Posts: 259 · Reputation: 728
#10Mar 2, 2018, 11:52 PM
This kid has harmed his father's business, which may result in the termination of the USMS contract in safeguarding forfeited crypto assets
I agree with you, this indicates that there were no multiple layers of protection or multi-sig wallet, likely a hardware wallet and may have kept the wallet seed somewhere at home, which the kid was able to access.
I believe that the man didn't hide anything from his son which was why he was careless with the wallet believing that his son wouldn't do anything stupid but look at it how his son's actions have put hin into a deep mess for not securing the nation asset properly.
This should be a lesson for majority of us who just keep our wallets in a computer in the sitting room because we trust our loved ones. Your wallet security lies in your hands and don't keep your seed phrase carelessly because you trust the people living with you in your house. Don't allow what people say affect you emotionally.
the_matrixSenior Member
Posts: 313 · Reputation: 1887
#12Mar 4, 2018, 02:45 AM
A good question to ask here is if his father was in on this or was the son able to pull this off solely on his own. It is crazy that the authorities can give sole access to just one person to control seized funds of such large amounts. What about a multisignature setup, or better transparency and vetting?
No wonder a lot of people believe that many incidences of hacks and funds being siphoned in centralized exchanges and other similar services could be nothing short of an inside job. This case right here kind of makes their point valid to a large extent.
The fact that he did this to prove that he is not broke, clearly shows you how bad peer pressure has flooded this generation lol
But don't just run into conclusion who knows wether his father has given him some information about his Bitcoin wallet, which made him have easy access to acquire it
h0dl3r_foxFull Member
Posts: 48 · Reputation: 326
#14Mar 4, 2018, 09:38 AM
I think when you think of how he was doing it to brag to online strangers, I highly doubt his father would be included. But the real sad part is that, his father and him will be jailed for a good long while I am sure because of the issue.
The money will be recovered easily for sure, and USA would have lost nothing, but just because a small kid was bullied, he ended up ruining the life of a businessman father and his own youth as well. They will eventually get out, but they will never have a good life again, not like they used to.
cobra_2015Full Member
Posts: 259 · Reputation: 728
#15Mar 4, 2018, 02:46 PM
Details of what happened were shared via a private Telegram group where users tried to prove their wealth. A user named "Lick" shared an Exodus wallet screen showing a TRON address containing approximately $2.3 million.
If he was using the Exodus wallet and sharing his personal photo, he certainly did not have enough knowledge about hacking such wallets, and his father was careless in keeping it in front of him.
alpha_maxiFull Member
Posts: 42 · Reputation: 286
#16Mar 4, 2018, 05:10 PM
You are probably right and it helps prove the point that most people involved in government activities are not top-notch, but second or third rate people who couldn't hack it (pun intended) elsewhere.
byte_orbitFull Member
Posts: 186 · Reputation: 738
#17Mar 6, 2018, 02:06 AM
What is weird about this? It is one of the most common type of thefts, it is just that it has different details. It is very clear:
1. The son is completely stupid, one of the most stupid people imaginable.
2. The father is completely incompetent, one of the most incompetent people imaginable.
3. The company should never have received a contract to deal with security, but often contracts are handed out by connections in the first world too. In Europe this type of corruption is even much higher than in the 3rd world.
People are bored, addicted to dopamine and internet points -- that is why. Often they will write whatever nonsense, social media incentivizes this and this forum even more so. There was no hack here of any kind, this is a basic theft as it gets. It is ass if I stole your $20 that fell out of your pocket while you were walking away. To call this a hack is a joke at best.
I know right, the world is sometimes amazing. Some of the most dumbest and incompetent people get very high paid jobs or contracts. Often those that do the things the best possible way are overlooked by the powers that be for many reasons, it isn't always corruptible nepotism. Those that give out contracts are too stupid to understand the requirements of security, so they give them out wrongly. It is similar to HR departments and recruiters, they often have absolutely no idea what they are doing and hire the worst kind of people and reject the best candidates if they have a formatting error in their CV.
I am very surprised seeing that you said nobody knows how the boy got access to the US crypto wallet under who's watch again? His father's watch goddammit 😁
If one thing, this is a clear indication that the young boy and his daddy must be enjoying a really good and amazing son-daddy relationship, the boy not knowing the meaning of "do not mix work with pleasure" must have thought the US crypto wallet in his dad's custody is something he could play around with when broke-bullied at its slightest.
Anyways, maybe the dad should be given an award as well for being so sensible to have shared the private keys to a wallet belonging to the US government with his son, it's a nice next-of-kin thing, what if something happened to the dad that made him die suddenly and no one else had access to the wallet containing the funds? Lets believe this is why he shared the keys with his son, or no? 😂