An 18-Year-Old Hacker Brags on Discord, Accidentally Reveals a $19 Million Theft Case

marsbitPubblicato 2026-05-13Pubblicato ultima volta 2026-05-13

Introduzione

An 18-year-old American hacker, Dritan Kapllani Jr., has been exposed by on-chain investigator ZachXBT for allegedly masterminding a series of social engineering attacks that stole approximately $19 million from crypto users. The investigation began after a Discord voice call on April 23, 2026, where Dritan shared his screen to boast, revealing an Exodus wallet holding around $3.68 million. Tracing this address, ZachXBT linked it to a major March 14, 2026 theft of 185 BTC (worth ~$13 million at the time), with about $5.3 million of that sum funneled into Dritan's wallet. Further analysis revealed the wallet also contained over $5.85 million from multiple social engineering thefts dating back to 2025. In a May 11, 2026 unsealed criminal complaint against another individual, Trenton Johnson, a key co-conspirator marked "CC-1" is identified, with the on-chain community pointing to Dritan. While not formally charged yet, he is now named in the judicial narrative. Another individual, Meme coin KOL yelotree, faces charges for allegedly assisting in money laundering. Dritan, known for a lavish lifestyle on social media, was previously seen as having a "protagonist aura" within hacking circles, evading consequences as associates were apprehended. However, now that he has turned 18, he is facing legal accountability for his past actions.

Author | Asher(@Asher_0210)

Last night, on-chain investigator ZachXBT exposed an 18-year-old hacker from the United States named Dritan Kapllani Jr. According to the disclosed information, this young man is suspected of involvement in multiple social engineering attacks targeting crypto users, with a total involved amount of approximately $19 million. Although he has not been formally charged yet, he has been included in U.S. judicial documents as a 'co-conspirator'.

This case quickly drew attention, not only due to the massive amount involved but also because of its highly dramatic starting point—a voice call meant for showing off wealth became the breakthrough for the entire investigation.

Just Bragged Once on Discord

On April 23, 2026, a dispute in a Discord voice channel kicked off this series of events.

It was a voice call known as 'Band 4 Band', where participants compared their 'strength' in the most direct way—by displaying their holdings. The atmosphere quickly shifted from banter to competition. Driven by this mood, in order to prove he was richer, Dritan directly started a screen share, showing his Exodus wallet interface with a balance of about $3.68 million.

A few weeks later, this scene was revisited. On-chain investigator ZachXBT started from this address, piecing together originally scattered transactions one by one, gradually revealing a longer trail of funds.

A Trail of 185 Bitcoin Theft Funds Emerges

Going back to March 14, 2026, a social engineering theft involving 185 Bitcoins occurred, valued at about $13 million at the time. The funds were quickly moved out of the original address and rapidly entered an on-chain splitting system.

Just the next day, approximately $5.3 million of it was transferred into the wallet Dritan had shown during the Discord voice call (address: 0x4487db847db2fc99372a985743a26f46e0b2bba6). Over the following weeks, this sum of about $5.3 million was continuously split, transferred through multiple addresses, and flowed to different destinations. By the time of the April 23rd voice conversation, about $1.6 million had been further moved.

Not the First Time Involved in Crypto Theft

Tracing back from the wallet address Dritan showed, it soon became clear that the funds inside weren't just from that 185 Bitcoin theft.

According to on-chain analysis, the funds in this wallet can be traced back to multiple social engineering thefts in 2025, totaling over $5.85 million. Different victims, different times, but after the funds were transferred away, they would be quickly split, then moved through a series of addresses, following a very similar path. Matching up these funds transaction by transaction shows that many transfers ultimately landed in this wallet address Dritan displayed.

It's worth noting that Dritan once had a 'Band 4 Band' dispute with hacker John Daghita (Lick). Lick was later arrested for allegedly stealing approximately $46 million in U.S. government funds. In a later deleted Telegram post, he had publicly disclosed Dritan's old address (address: 0x97da0685dbba50b4cbabb0ca9e8336f4fbe41122), an act now appearing more like retaliation.

Judging from the on-chain behavior, this old address is highly consistent with the fund flow of the wallet Dritan displayed in terms of fund splitting methods, transfer paths, and subsequent destinations, and is therefore believed to be used by the same controlling party.

First Official 'Mention' in Judicial Documents

It wasn't until May 11, 2026, that this on-chain fund trail was formally confirmed for the first time in a judicial document. That day, the criminal indictment against Trenton Johnson was unsealed. He was charged for his involvement in the 185 Bitcoin theft case and faces up to 40 years in prison.

In the indictment, a key co-conspirator is labeled as 'Co-Conspirator 1 (CC-1)', and the on-chain analysis community has linked this identity to Dritan Kapllani Jr. Although Dritan has not been formally charged yet, he has moved from being an 'associated address' in on-chain inference to a 'co-conspirator' in the judicial narrative.

Furthermore, the same document mentions another involved person—Meme coin KOL yelotree, who is accused of assisting in money laundering through his Miami-based car rental business and faces up to 30 years in prison.

Turning 18, The End of a Decadent Life

Previously, Dritan had long lived a lavish lifestyle, frequently posting related content on Instagram and interacting with other hackers via Telegram. Within hacker circles, he was once considered to have a sort of 'protagonist aura'—multiple associated groups around him (such as ACG, 41 / RM Boyz, etc.) were successively dealt with by law enforcement, yet he himself remained untouched.

However, as he turned 18, this 'aura' came to an end, and his past actions began to be pursued legally.

Domande pertinenti

QWho exposed the 18-year-old hacker Dritan Kapllani Jr. and what was the alleged total amount involved?

AHe was exposed by on-chain detective ZachXBT. He is alleged to have participated in multiple social engineering attacks targeting crypto users, with a cumulative amount involved of approximately $19 million.

QWhat was the dramatic starting point for the investigation into Dritan Kapllani Jr.'s activities?

AThe investigation began after he screen-shared his Exodus wallet, showing a balance of about $3.68 million, during a 'Band 4 Band' argument in a Discord voice call where participants compared their wealth.

QAccording to the article, which specific wallet address did Dritan share in the Discord call, and what major theft was it linked to?

AThe wallet address he shared was 0x4487db847db2fc99372a985743a26f46e0b2bba6. It was linked to a 185 Bitcoin social engineering theft worth about $13 million that occurred on March 14, 2026, with approximately $5.3 million from that theft flowing into this address.

QWhat is Dritan Kapllani Jr.'s current legal status according to the unsealed indictment against Trenton Johnson?

AIn the unsealed criminal indictment against Trenton Johnson, Dritan Kapllani Jr. is referred to as 'Co-Conspirator 1 (CC-1).' While he has not been formally charged yet, he has been officially named as a co-conspirator in the judicial narrative.

QHow did the article describe the change in Dritan Kapllani Jr.'s situation after he turned 18?

AThe article states that after turning 18, his 'main character halo' (a perception of immunity) ended. His past actions are now subject to legal accountability, marking an end to his previously lavish and seemingly consequence-free lifestyle.

Letture associate

Liberland Fires Tech Secretary After Alleged Blockchain And Website Takeover Attempt

Liberland's congress has voted to remove Technology Secretary Dorian Stern Vukotić, following a resolution accusing him of attempting to hijack the Liberland.org domain, removing administrative multisig protections, blocking the president from voting, and launching unauthorized tokens. The incident serves as a case study in blockchain governance, highlighting risks that go beyond smart contracts to include control over domains, admin keys, and off-chain authority. For the crypto industry, it underscores the need to scrutinize decentralization claims against operational realities, where a small group can still compromise governance. The story reflects a broader market shift where infrastructure security and governance are becoming as critical as price action. Editorial framing should treat the development as a verified information signal about governance risks, avoiding overstatement of Liberland's legal status and leaving room for follow-up evidence.

bitcoinist5 min fa

Liberland Fires Tech Secretary After Alleged Blockchain And Website Takeover Attempt

bitcoinist5 min fa

How to Do Research Well: Deliberately Practice the Real Skills That Matter

No one truly teaches you how to do research. You're often given a desk, a pre-selected problem, and vague instructions to "create something new." Consequently, many people reverse-engineer the job based on visible outputs—papers, posts, announcements—learning only how to *appear* like a researcher rather than how to *become* one. True research capability is built from stacking small, trainable skills, nearly all of which can be developed through deliberate practice. **Pick Your Own Problem:** Most researchers absorb problems from advisors or trends, lacking the underlying reasoning. Choosing a problem you genuinely care about, as John Schulman advises, leads to original work. Develop "taste" like a muscle: predict experiment outcomes, guess paper results from methods, and track which findings remain important over time. **Upgrade Your Inputs:** Relying on shared reading lists (arXiv hot lists, filtered group chats) leads to unoriginal conclusions. Undervalued old literature often holds crucial insights (e.g., MoE, LSTM, backpropagation). Richard Sutton's "The Bitter Lesson" or Claude Shannon's 1952 talk on creative thinking are more predictive than lengthy modern surveys. Breadth matters as much as depth: draw from neuroscience, mechanism design, hardware knowledge, and honest statistics. Read papers directly, especially appendices and limitations sections. **Write Everything Down:** As Paul Graham noted, writing exposes flaws in seemingly mature ideas. Writing is the cheapest defense against self-deception. Following Feynman's principle, Darwin programmatically wrote down facts contradicting his theory to combat memory bias. Maintain a detailed log of hypotheses, setups, predictions, results, and updated understandings. Reviewing past logs fosters essential humility.

marsbit1 h fa

How to Do Research Well: Deliberately Practice the Real Skills That Matter

marsbit1 h fa

Backpack Surges Over 150% in Half a Month

BP, the token of the Backpack exchange, has surged over 150% since early June, driven by the platform's expansion into regulated US stock brokerage and asset tokenization services. On June 2nd, Backpack announced Backpack Securities, offering traditional stock trading and tokenization, causing BP's price to jump over 80%. Momentum continued on June 12th with the launch of SPCX, a tokenized product for SpaceX stock on Solana, facilitating seamless conversion between traditional securities and on-chain assets. This aligns with the RWA (Real World Assets) narrative, creating a bridge between traditional finance and Solana DeFi. The token's unique economics also support its growth. All 2.5 billion initially circulating tokens were airdropped to the community, with zero allocation to the team or investors at launch. A key feature allows users who stake BP for at least one year to gain the right to convert tokens into company equity upon an IPO or acquisition. Despite some initial community controversy over airdrop distribution, focus is shifting to BP's long-term utility and value alignment as real products launch.

marsbit1 h fa

Backpack Surges Over 150% in Half a Month

marsbit1 h fa

Following US Ban on Fable 5, Zhipu AI's Stock Soars 47%

On June 15th, shares of Zhipu AI surged dramatically on the Hong Kong stock market, peaking at a 47.6% gain before closing 32.82% higher. This sharp increase was directly triggered by two recent industry events. On June 12th, Anthropic announced it was suspending global access to its latest flagship models, Claude Fable 5 and Claude Mythos 5, to comply with a U.S. government export control order. The next day, Zhipu AI announced it would open access to its latest open-source flagship model, GLM-5.2, under the permissive MIT license. The Anthropic incident highlighted a critical issue beyond raw model capability: the risk of sudden, unpredictable loss of access to advanced AI models, especially for developers and enterprises deeply integrated with them. This has shifted industry and market focus toward factors like stability, sustainable access, and controllability. Zhipu's move, promoting "frontier intelligence for all," positions its openly available model as a reliable and accessible alternative. The GLM-5.2 model emphasizes "Long Horizon Task" capabilities with a 1M context window, targeting complex, multi-step coding and engineering workflows where maintaining context is crucial. Analysts note this event exposes the risk of dependency on closed-source models subject to single jurisdictional controls, potentially accelerating a shift toward domestic base models and localized deployments. The market's reaction signals a new valuation dimension in AI: providers who can offer stable, long-term, and sustainably accessible AI capabilities are gaining strategic importance.

marsbit1 h fa

Following US Ban on Fable 5, Zhipu AI's Stock Soars 47%

marsbit1 h fa

Fully Entering the AI Era: Alipay Bets on Conversation, WeChat Holds Fast to Social

In May 2026, Alipay announced over 300 million AI payment transactions. Shortly after, WeChat opened its mini-programs for AI integration, sparking controversy by requiring developer source code access. This highlights their diverging approaches to AI integration. Alipay is testing "Project Treasure," an optional AI-native interface replacing traditional app grids with a conversational window. Users can command complex tasks (e.g., "book a ride and order coffee") handled end-to-end by AI. This shift follows an abandoned standalone AI app, focusing instead on enhancing its existing user base. For unmodified mini-programs, Alipay's AI uses "screen-reading" to simulate user interactions, bypassing the need for developer overhaul. It also introduced "Token Pay" for micro-transactions and "AI Wallets" for autonomous agent spending. WeChat, prioritizing its core social function, is taking an embedded approach. Its AI agent will operate within existing contexts like group chats and official accounts, assisting without a separate interface. To enable this, WeChat offers developers two paths: granting source code access for direct AI control ("Automatic Mode") or manually encapsulating services into standardized "Skills." Both place significant burden on developers. Key differences emerge in handling legacy services: WeChat demands developer cooperation (code or labor), while Alipay's screen-reading offers immediate, if potentially less stable, compatibility. Alipay's 3 billion AI transactions demonstrate user acceptance of AI-driven commercial actions. The divergent strategies may reshape mini-program ecosystems—Alipay passively "AI-fying" services, WeChat potentially favoring resource-rich developers—and set competing technical standards. Ultimately, the competition centers on where users entrust the command to "help me get things done."

marsbit1 h fa

Fully Entering the AI Era: Alipay Bets on Conversation, WeChat Holds Fast to Social

marsbit1 h fa

Trading

Spot

Futures

Articoli Popolari

Come comprare NIGHT

Benvenuto in HTX.com! Abbiamo reso l'acquisto di Midnight (NIGHT) semplice e conveniente. Segui la nostra guida passo passo per intraprendere il tuo viaggio nel mondo delle criptovalute.Step 1: Crea il tuo Account HTXUsa la tua email o numero di telefono per registrarti il tuo account gratuito su HTX. Vivi un'esperienza facile e sblocca tutte le funzionalità,Crea il mio accountStep 2: Vai in Acquista crypto e seleziona il tuo metodo di pagamentoCarta di credito/debito: utilizza la tua Visa o Mastercard per acquistare immediatamente MidnightNIGHT.Bilancio: Usa i fondi dal bilancio del tuo account HTX per fare trading senza problemi.Terze parti: abbiamo aggiunto metodi di pagamento molto utilizzati come Google Pay e Apple Pay per maggiore comodità.P2P: Fai trading direttamente con altri utenti HTX.Over-the-Counter (OTC): Offriamo servizi su misura e tassi di cambio competitivi per i trader.Step 3: Conserva Midnight (NIGHT)Dopo aver acquistato Midnight (NIGHT), conserva nel tuo account HTX. In alternativa, puoi inviare tramite trasferimento blockchain o scambiare per altre criptovalute.Step 4: Scambia Midnight (NIGHT)Scambia facilmente Midnight (NIGHT) nel mercato spot di HTX. Accedi al tuo account, seleziona la tua coppia di trading, esegui le tue operazioni e monitora in tempo reale. Offriamo un'esperienza user-friendly sia per chi ha appena iniziato che per i trader più esperti.

326 Totale visualizzazioniPubblicato il 2025.12.08Aggiornato il 2026.06.02

Discussioni

Benvenuto nella Community HTX. Qui puoi rimanere informato sugli ultimi sviluppi della piattaforma e accedere ad approfondimenti esperti sul mercato. Le opinioni degli utenti sul prezzo di NIGHT NIGHT sono presentate come di seguito.