ZachXBT Exposes Alleged Wallet Theft by Son of US Government Crypto Custodian CEO
It’s a story that cuts right to crypto’s trust paradox—the very people tasked with securing digital assets might be the weakest link. Blockchain investigator ZachXBT just dropped a bombshell allegation, pointing the finger at the son of a major US government crypto custodian’s CEO for a brazen wallet theft.
The Inside Job Allegation
Forget sophisticated hacks or shadowy foreign agents. This narrative suggests the threat came from within the inner circle. The accusation implies privileged access or information was exploited, bypassing layers of supposed institutional security. It’s the kind of headline that makes retail investors question every custody agreement they’ve ever signed—after all, what’s the point of KYC if the family can’t be trusted?
A Crisis of Custody
The fallout hits where it hurts: credibility. Government-linked custodians sell safety and compliance, not drama. An allegation like this doesn’t just stain one firm; it throws a cynical light on the entire ‘trusted third-party’ model that traditional finance is trying to build in Web3. It’s almost poetic—a sector born from distrust of banks now grappling with whether the new guards are any better than the old ones.
Regulatory Reckoning Looms
Expect regulators to pounce. This isn’t just another DeFi exploit; it’s a potential breach in a federally connected pipeline. Scrutiny will intensify, audits will multiply, and compliance costs will soar—classic finance, always finding a way to monetize fear. The irony? More rules often just create more elaborate loopholes for the well-connected.
The narrative here is brutally simple: in the rush to legitimize crypto, the industry may have installed the same flawed human gatekeepers it sought to escape. The code might be immutable, but the people behind the custodial wallets clearly are not.
CMDSS Awarded US Marshals Contract to Handle Non-Mainstream Seized Crypto
Public records show that CMDSS, based in Haymarket, Virginia, was awarded a contract in October 2024 to assist the Marshals Service with the custody and disposal of so-called “Class 2–4” digital assets.
These include tokens that are not supported by major centralized exchanges and often require bespoke handling.
The allegations have not been tested in court, and no criminal charges have been announced. CMDSS did not respond to requests for comment at the time of publication.
ZachXBT’s claims expand on an investigation he published on Jan. 23, which linked the same online persona to more than $90 million in suspected illicit crypto activity.
That probe traced funds back to a U.S. government wallet associated with assets seized from the 2016 Bitfinex hack.
The investigation gained traction after a recorded dispute in a Telegram group chat between “Lick” and another individual.
Update: The CMDSS company X account, website, & LinkedIn were all just deactivated pic.twitter.com/nvN6u5XMPq
— ZachXBT (@zachxbt) January 25, 2026The exchange, described as a “band-for-band” argument, involved both parties attempting to demonstrate control over large crypto balances.
During the exchange, “Lick” screen-shared an Exodus wallet displaying a TRON address holding roughly $2.3 million, followed by a live transfer of about $6.7 million in ether.
By the end of the session, approximately $23 million had been consolidated into a single wallet.
By tracing transactions backward, ZachXBT linked that wallet to an address that received $24.9 million from a US government-controlled wallet in March 2024.
The government address was tied to funds seized in the Bitfinex case. ZachXBT had previously flagged unusual activity in October 2024, when around $20 million was drained from similar government wallets.
Most of those funds were returned within 24 hours, though roughly $700,000 routed through instant exchanges was not recovered.
CMDSS Contract Faced Prior Scrutiny as GAO Rejected Protest
CMDSS’s role as a government contractor has drawn scrutiny before.
After losing the Marshals Service contract, Wave Digital Assets filed a protest with the Government Accountability Office, arguing that CMDSS lacked proper regulatory registrations and raising concerns over potential conflicts of interest involving a former Marshals Service official.
The GAO ultimately denied the protest.
Questions around crypto custody have also been raised more broadly. A February 2025 CoinDesk report said the Marshals Service struggled to account for its digital asset holdings, citing weak inventory controls and an inability to estimate its bitcoin reserves.
As reported, illicit cryptocurrency addresses received a record $154 billion in 2025, a sharp increase from the year before.
