Bubblemaps Flags LICK Token as On-Chain Data Ties Launch to Alleged $40M US Government Theft
A newly launched meme coin called LICK has come under scrutiny after on-chain data linked its creation to John Daghita, also known online as “Lick,” who has been accused of stealing $40 million from the US government.
In its latest update, blockchain analytics platform Bubblemaps reported that Daghita recently launched LICK on Solana-based meme coin launchpad, Pump.fun, and has been actively live-streaming on Telegram to promote the token. According to the data shared, a single wallet linked to Daghita holds roughly 40% of the total LICK supply, which has sparked immediate centralization and risk concerns.
Bubblemaps described the situation as “unhinged.”
From Seized Funds to Pump.fun
The Bubblemaps update comes just days after prominent on-chain investigator ZachXBT published a detailed finding connecting the “Lick” to wallets tied to large-scale suspected thefts and funds linked to US government seizure addresses. ZachXBT said his investigation stemmed from a leaked recording of a private group chat, in which a threat actor named “John” was seen screensharing wallet balances and moving millions of dollars’ worth of cryptocurrency during an argument with another actor.
According to ZachXBT, the dispute escalated into “band for band,” a practice in cybercrime circles where participants attempt to prove wealth by displaying and transferring funds in real time. The investigator stated that the recording showed John controlling multiple wallets and moving significant amounts of crypto while being filmed, which allowed the wallets to be traced afterward.
After analyzing the footage, the on-chain sleuth reported that the wallets displayed in the recording could be linked to more than $90 million in suspected thefts. He said that one wallet in the transaction chain received 1,066 WETH on November 20, 2025, which he traced back to a wallet that had received $24.9 million from a US government address in March 2024.
Ties to Bitfinex Funds
ZachXBT claimed this address was connected to funds seized from the Bitfinex hack, which he previously reported on in October 2024. He further claimed that the same wallet received over $63 million in inflows from suspected victims and government seizure-related addresses during the fourth quarter of 2025, along with an additional 4,170 ETH, worth about $12.4 million at the time, originating from MEXC.
John had a long history of boasting about his net worth on Telegram and shared identifiers tied to those messages, as per ZachXBT, who also added that rumors in cybercrime channels indicated the individual could be John Daghita, who was arrested in September 2025, though he acknowledged that further confirmation was needed.
The investigator raised additional questions about access to seized funds, while citing that John’s father owns CMDSS, a company holding an active US Marshals Service contract related to managing forfeited crypto assets. He stressed that it remains unclear how any access may have occurred.
Meanwhile, public statements from officials confirmed that the US government authorities are investigating the matter.
The post Bubblemaps Flags LICK Token as On-Chain Data Ties Launch to Alleged $40M US Government Theft appeared first on CryptoPotato.
