On-chain data revealed that a wallet linked to John “Lick” controls 40% of LICK’s supply after the launch of Pump.fun.
A newly launched meme coin called LICK has come under scrutiny after on-chain data linked its creation to John Daghita, also known online as “Lick,” who is accused of stealing $40 million from the US government.
In its latest update, blockchain analytics platform Bubblemaps reported that Daghita recently launched LICK on the Solana-based meme coin launch platform, Pump.fun, and was actively livestreaming on Telegram to promote the token. According to the data shared, one wallet linked to Daghita holds approximately 40% of the total LICK supply, which has led to immediate centralization and risk issues.
Bubblemaps described the situation as ‘unhinged’.
From seized funds to Pump.fun
The Bubblemaps update comes just days after prominent on-chain researcher ZachXBT published a detailed finding linking the “Lick” to wallets linked to large-scale suspected thefts and funds linked to US government seizure addresses. ZachXBT said its investigation stemmed from a leaked recording of a private group chat, in which a threat actor named “John” was seen sharing wallet balances and moving millions of dollars in cryptocurrency during an altercation with another actor.
According to ZachXBT, the dispute escalated to “band for tape,” a practice in cybercrime circles in which participants attempt to prove their wealth by showing and transferring money in real time. The investigator stated that the recording showed John operating multiple wallets and moving significant amounts of crypto while being filmed, allowing the wallets to be traced afterwards.
After analyzing the footage, the detective reported that the wallets shown in the recording could be linked to more than $90 million in suspected thefts. He said one wallet in the transaction chain received 1,066 WETH on November 20, 2025, which he traced back to a wallet that received $24.9 million from a U.S. government address in March 2024.
Ties with Bitfinex funds
ZachXBT claimed that this address was linked to funds seized from the Bitfinex hack, which he previously reported in October 2024. He further claimed that the same wallet received over $63 million in inflows from suspected victims and government seizure-related addresses in the fourth quarter of 2025, along with another 4,170 ETH, worth approximately $12.4 million at the time, originating from MEXC.
You might also like:
John had a long history of bragging about his net worth on Telegram and sharing identifying information tied to those messages, according to ZachXBT, who also added that rumors in cybercrime channels indicated that the person could be John Daghita, who was arrested in September 2025, although he acknowledged that further confirmation was needed.
The investigator asked additional questions about access to seized funds, while citing that John’s father owns CMDSS, a company with an active US Marshals Service contract related to the management of forfeited crypto assets. He emphasized that it is still unclear how access occurred.
Meanwhile, public statements from officials confirmed that the US government is investigating the matter.
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this link to register and unlock $1,500 in exclusive BingX Exchange rewards (limited time offer).
#Bubblemaps #Highlights #LICK #Token #OnChain #Data #Connections #Launch #Alleged #Million #Government #Theft