TLDR
- A hacker known as “John” flaunted control over $23 million in cryptocurrency during an online exchange.
- The funds were traced back to U.S. government-controlled seizure addresses connected to the Bitfinex hack.
- Blockchain investigator ZachXBT uncovered the hacker’s connection to illicit government funds through wallet analysis.
- John’s wallet received large sums from suspected victims, further complicating the tracing process.
- The hacker’s attempt to show off wealth backfired when forensic analysis revealed the source of the funds.
A hacker, known by the alias “John,” flaunted control over $23 million in cryptocurrency, which was later traced back to illicit U.S. government funds. The individual’s show-off in a heated online exchange revealed assets tied to a past Bitfinex hack. Blockchain investigator ZachXBT uncovered the truth behind the hacker’s “flex,” linking these funds to a $90 million stash with ties to government-controlled seizures.
Funds Traced Back to U.S. Government Seizure
The story began when “John,” also known as “Lick,” posted a video showcasing his control over millions in cryptocurrency. In the footage, John flaunted assets worth $23 million, demonstrating control over various wallets during an online dispute with another hacker. This exchange took place on a platform where cybercriminals often show off their gains in what is called a “band for band” contest.
According to ZachXBT, the investigator who tracked the funds, the amounts shown in John’s wallet were eventually linked back to government-controlled seizure addresses. The wallet associated with John received $24.9 million from a U.S. government address tied to the infamous Bitfinex hack seizure in March 2024. By tracing these funds, ZachXBT confirmed that the crypto linked to John came from a series of high-value criminal assets.
Tracing the Wallets and Funds
John’s wallet received more than $63 million in late 2025 from addresses tied to suspected victims, further complicating the situation. Blockchain analysis revealed that 0xd8bc, one of John’s wallets, received a massive inflow of cryptocurrency. Among the transfers were 4,170 ETH, valued at approximately $12.4 million, moved from a centralized exchange.
Through a deep analysis, ZachXBT traced these funds backward to wallets that held cryptocurrency from the Bitfinex hack. One of these wallets was tied to the U.S. government’s prior seizure of assets, which added to the growing evidence that John was handling illicit funds. As ZachXBT further investigated, he linked John’s wallet to the Bitfinex-related seizure, revealing the true source of the hacker’s flaunted wealth.
An Expensive ‘Flex’ That Backfired
What initially appeared as a victorious display of wealth for John turned out to be a major misstep. The hacker’s attempt to show off $23 million in crypto only led to the exposure of his connection to a large U.S. government asset seizure. Blockchain investigators, such as ZachXBT, used the public information to track the flow of funds, highlighting the hacker’s vulnerability.
John’s actions mirror a prior case in 2024 when hackers flaunted their ill-gotten crypto through a similar social media “flex.” In that incident, the hackers showed off $243 million in stolen funds before being arrested by authorities.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
