18-Year-Old Hacker's Boastful Discord Display Leads to Uncovering of $19 Million Theft Case

Odaily星球日报Publicado em 2026-05-13Última atualização em 2026-05-13

Resumo

An 18-year-old hacker from the U.S., Dritan Kapllani Jr., has been exposed by on-chain investigator ZachXBT for his alleged involvement in multiple cryptocurrency social engineering attacks, with total funds stolen estimated at $19 million. The case gained attention after Dritan inadvertently revealed his involvement during a Discord voice call in April 2026, where he screen-shared his Exodus wallet containing approximately $3.68 million to show off his wealth during a "Band 4 Band" argument. Tracing this wallet address led investigators to uncover its connection to a major theft from March 14, 2026, where 185 Bitcoin (worth around $13 million at the time) was stolen. Approximately $5.3 million from that heist was funneled into Dritan’s wallet. Further analysis linked the same wallet to over $5.85 million from other social engineering attacks dating back to 2025. While Dritan has not yet been formally charged, he is identified as "Co-Conspirator 1" in recently unsealed court documents related to the 185 Bitcoin theft case. Another individual, Meme coin KOL yelotree, is also implicated for allegedly assisting with money laundering through a car rental business. Dritan, who had been living a lavish lifestyle and was previously seen as untouchable within hacking circles, turned 18 recently, making him legally accountable. His previous "immunity" has ended as law enforcement closes in.

Original | Odaily Planet Daily(@OdailyChina)

Author | Asher(@Asher_ 0210)

Last night, on-chain investigator ZachXBT exposed an 18-year-old hacker from the United States named Dritan Kapllani Jr. According to the disclosed information, this young man named Dritan Kapllani Jr. is suspected of involvement in multiple social engineering attacks targeting cryptocurrency users, with an estimated total amount involved of approximately $19 million. Although he has not been formally charged yet, he has already been included as a 'co-conspirator' in U.S. judicial documents.

This case quickly attracted attention, not only because of the massive amount involved but also because its starting point was highly dramatic—a voice call meant for showing off wealth became the breakthrough for the entire investigation.

Just Showing Off Wealth Once on Discord

On April 23, 2026, a dispute that occurred in a Discord voice channel kicked off the incident.

It was a voice call known as 'Band 4 Band,' where participants compared their 'strength' in the most direct way—by showcasing their respective assets. The atmosphere soon shifted from teasing to rivalry. Driven by this sentiment, Dritan, to prove he was richer, directly started screen sharing and displayed his Exodus wallet interface, showing a balance of about $3.68 million.

A few weeks later, this scene was revisited. On-chain investigator ZachXBT used this address as a starting point, linking together what were originally scattered transactions one by one, gradually revealing a longer funding trail.

A Cache of 185 Bitcoin Theft Funds Surfaces

Going back to March 14, 2026, a social engineering theft involving 185 Bitcoins occurred, valued at around $13 million at the time. The funds were quickly transferred out of the original address and swiftly entered an on-chain distribution system.

As early as the next day, about $5.3 million of it was transferred into the wallet Dritan displayed during the Discord voice call (address: 0x4487db847db2fc99372a985743a26f46e0b2bba6). Over the next few weeks, this approximately $5.3 million was continuously split, transferred through multiple addresses, and sent to various destinations. By the time of that April 23 voice conversation, about $1.6 million had already been further moved.

Not the First Time Involved in Crypto Theft

Tracing back from the wallet address Dritan displayed, it quickly became apparent that the funds in it didn't only come from that 185 Bitcoin theft.

According to on-chain analysis, the funding sources for this wallet can be traced back to multiple social engineering thefts in 2025, totaling over $5.85 million. Different victims, different times, but after the funds were transferred away, they would be rapidly split and then moved on through a string of addresses, following a very similar pattern. By matching these funds one by one, it was found that many transfers eventually landed in this wallet address Dritan displayed.

It's worth noting that Dritan once had a 'Band 4 Band' dispute with hacker John Daghita (Lick). Lick was later arrested for allegedly stealing about $46 million in U.S. government funds, and in a later-deleted Telegram post, he had publicly shared Dritan's old address (address: 0x97da0685dbba50b4cbabb0ca9e8336f4fbe41122). Currently, this move appears more like an act of retaliation.

Judging from on-chain behavior, this old address showed a highly consistent pattern with the funds flow of the wallet Dritan displayed in terms of fund splitting methods, transfer paths, and subsequent destinations, and is therefore believed to be used by the same controlling party.

Judicial Documents 'Name' Him for the First Time

It wasn't until May 11, 2026, that this on-chain funding trail was officially confirmed for the first time in judicial documents. That day, the criminal indictment against Trenton Johnson was unsealed. He was charged for his involvement in that 185 Bitcoin theft case and faces up to 40 years in prison.

In the indictment, a key co-conspirator is labeled as 'Co-Conspirator 1 (CC-1),' and the on-chain analysis community has already pointed this identity towards Dritan Kapllani Jr. Although Dritan has not been formally charged yet, he has transitioned from a 'linked address' in on-chain inference to a 'co-conspirator structure' in the judicial narrative.

Additionally, the same document mentions another individual involved—Meme coin KOL yelotree, who is accused of assisting in money laundering through his car rental business in Miami and faces up to 30 years in prison.

Turning 18, The Dissolute Life Comes to an End

Previously, Dritan had been living a life of extravagance for a long time, frequently posting related content on Instagram and interacting with other hackers via Telegram. In hacker circles, he was once considered to have a kind of 'protagonist aura'—several groups associated with him (like ACG, 41 / RM Boyz, etc.) were successively dealt with by law enforcement, yet he himself remained untouched.

But as he turned 18, this 'aura' ended, and his past actions began to be pursued legally.

Perguntas relacionadas

QWho exposed the 18-year-old hacker Dritan Kapllani Jr., and what was the initial trigger for the investigation?

AThe hacker was exposed by blockchain investigator ZachXBT. The investigation was triggered by Dritan showing off his Exodus wallet (with a balance of about $3.68 million) during a 'Band 4 Band' Discord voice call on April 23, 2026.

QWhat is the total estimated value linked to the social engineering attacks involving Dritan Kapllani Jr.?

AThe cumulative amount linked to the social engineering attacks involving Dritan Kapllani Jr. is approximately $19 million.

QHow did a specific 185 Bitcoin theft connect to Dritan's wallet, and what happened to the funds?

AIn the 185 Bitcoin theft on March 14, 2026 (worth about $13 million at the time), approximately $5.3 million was transferred into the Exodus wallet Dritan later showed off. This money was then split and moved through multiple addresses, with about $1.6 million transferred out before the Discord call.

QWhat is Dritan Kapllani Jr.'s status in the US legal case (Trenton Johnson) related to the 185 Bitcoin theft?

AIn the unsealed criminal complaint against Trenton Johnson, Dritan Kapllani Jr. is referenced as 'Co-Conspirator 1 (CC-1).' While he has not been formally charged yet, his role has moved from a blockchain-inferred association to being officially identified as a co-conspirator in the judicial narrative.

QAccording to the article, why did Dritan's perceived 'main character halo' in the hacker community end?

ADritan's perceived 'main character halo' in the hacker community ended because he turned 18 years old. Upon reaching legal adulthood, his past actions became subject to legal consequences and prosecution.

Leituras Relacionadas

From Banning Doubao to Embracing Honor: Why Did WeChat Suddenly 'Change Its Face'?

The article explores the sudden shift in WeChat's strategy towards AI assistants from mobile phone manufacturers, transitioning from strict opposition to active collaboration. For over a year, WeChat fiercely resisted attempts by phone AI assistants (like ByteDance's Doubao in late 2025) to control its features via GUI automation ("simulated clicking"), citing security and data control concerns. This stance created a significant barrier for system-level AI integration. Now, Tencent has initiated A2A (Agent-to-Agent) partnerships with major phone brands like Honor, Xiaomi, OPPO, and vivo. This model allows a phone's system AI (e.g., Honor's YOYO) to parse a user's voice command and send a structured request directly to WeChat's own internal AI agent via secure APIs. WeChat then executes the action (e.g., sending a message) and returns the result. The article attributes Tencent's "change of face" to strategic pressure. While leading in social app usage, Tencent trails rivals like ByteDance and Alibaba in standalone AI app popularity. WeChat, with its vast mini-program ecosystem, is Tencent's key asset for an AI comeback. The upcoming WeChat AI agent aims to handle tasks like booking and payments within the app. However, phone system assistants remain the primary AI entry point for most users. The A2A collaboration allows Tencent to extend WeChat's AI reach to this crucial system layer while maintaining control over its core functions and data. For phone manufacturers, embracing A2A is a pragmatic move. The GUI route proved unviable due to WeChat's blocks. A2A offers a compliant path to integrate a vital service, enhancing their AI assistants' usefulness. It allows them to focus on developing their own AI ecosystems for other services while cooperating on WeChat access. The collaboration is framed as a mutual, strategic necessity: Tencent gains a distribution channel, and manufacturers gain a key functionality. The partnership relies on a "dual authorization" mechanism for security, requiring both user and app consent for each action. While questions about long-term data privacy practices remain, experts note A2A is more secure and compliant than GUI automation. Ultimately, this cooperation is seen as a tentative, calculated truce. Tencent's long-term goal is to make WeChat an AI-powered "service OS." Phone manufacturers aim to make their system AI the central user interface. Their paths may converge or clash in the future, but for now, the A2A deal represents the opening chapter in the battle for the AI-era user入口, driven by necessity and strategic calculus on both sides.

marsbitHá 43m

From Banning Doubao to Embracing Honor: Why Did WeChat Suddenly 'Change Its Face'?

marsbitHá 43m

On-Chain Figures on the Eve of Kickoff: 1.6 Billion Traded Before the World Cup Even Begins

"On-Chain Numbers on the Eve of the World Cup: $1.6 Billion Traded Before Kick-off" Analysis of on-chain markets before the 2026 FIFA World Cup reveals significant crypto integration into football. The most striking figure is the approximately **$1.6 billion** in total trading volume on the single "World Cup Winner" contract on the Polymarket prediction market platform, accumulated before a single match was played. This represents explosive growth for a sector whose annual volume surged from ~$16B in 2024 to ~$64B in 2025. The ecosystem is maturing beyond speculation. Key developments include: 1) **Infrastructure upgrades** like Polymarket's migration to native, regulated USDC stablecoin for settlements; 2) **Reliable data oracles**, such as Chainlink, being used to resolve real-world match outcomes on-chain; and 3) **Official recognition**, with FIFA appointing its first-ever "Prediction Markets" partner. Over 100 contracts now cover everything from the outright winner to individual match results and even non-sporting risks like venue relocation. This evolution marks a fundamental shift. While crypto firms are absent from FIFA's top-tier sponsor list, the technology has deeply penetrated the tournament's financial and predictive infrastructure through regulated stablecoin settlements, decentralized oracles, and new official partnership categories. The regulatory landscape remains complex and varies by jurisdiction, but on-chain markets for the World Cup are already a multi-billion-dollar reality.

marsbitHá 1h

On-Chain Figures on the Eve of Kickoff: 1.6 Billion Traded Before the World Cup Even Begins

marsbitHá 1h

From SpaceX's IPO to the Future of Crypto: Which Crypto Sectors Will Host the Trillion-Dollar Narrative?

From the SpaceX IPO, which targets a $750 billion raise at a $1.77 trillion valuation, we can extrapolate capital flow trends relevant to crypto. The focus shifts from speculative narratives to foundational infrastructure and real-world asset (RWA) integration. Key crypto sectors poised to benefit include: 1. **AI Infrastructure**: The narrative is moving from consumer-facing AI applications to underlying, scarce resources like compute power and decentralized GPU networks (e.g., TAO, RENDER, AKT, IO). These protocols are positioning as the essential "picks and shovels" providers for the AI economy. 2. **Real-World Assets (RWA)**: Beyond tokenized treasury bonds, RWA's future lies in on-chain equity and pre-IPO assets like SpaceX. This could democratize access to high-growth assets and reshape global capital flows, benefiting infrastructure projects like ONDO, LINK, and Plume that facilitate issuance, data, and liquidity. 3. **Core Financial Infrastructure**: Stablecoins, payment networks, and DePIN (Decentralized Physical Infrastructure Networks) are critical for settling the future on-chain economy. Their role expands from internal trading tools to foundational layers for global finance, AI systems, and real-world asset networks, leading to potential value reassessment. In summary, the next cycle may prioritize long-term infrastructure value—AI compute, asset tokenization networks, and settlement layers—over short-lived application hype, mirroring the broader market's shift towards funding the foundational systems of the future.

marsbitHá 1h

From SpaceX's IPO to the Future of Crypto: Which Crypto Sectors Will Host the Trillion-Dollar Narrative?

marsbitHá 1h

Bitcoin Drops To $59,000 For First Time Since 2024: Crypto’s Total Value Sheds $2 Trillion Since October

Bitcoin's decline accelerated on Friday, dropping to approximately $59,685, its lowest point since October 2024. This sell-off has extended across the broader cryptocurrency market, erasing over $2 trillion in value from its October 2025 peak of around $4.2 trillion. Major factors cited include significant outflows from Bitcoin ETFs and renewed geopolitical tensions. Other major cryptocurrencies, including Ethereum, XRP, Solana, and Dogecoin, also experienced significant drops, with Ethereum falling over 12% to its lowest level since April 2025. Market sentiment has deteriorated sharply, with the crypto Fear & Greed Index indicating "extreme fear." Bitcoin is now down more than 50% from its all-time high of about $126,000 in October, with its market capitalization falling from roughly $2.5 trillion to $1.2 trillion. Looking ahead, some traders project Bitcoin could recover to around $65,000 by year-end, but this would still leave it far below its previous peak, suggesting a full recovery from current losses may not be imminent.

bitcoinistHá 2h

Bitcoin Drops To $59,000 For First Time Since 2024: Crypto’s Total Value Sheds $2 Trillion Since October

bitcoinistHá 2h

Crypto Market Plunges: Bitcoin Breaks Below $60k, Ethereum Drops Over 10%, Strategy Hunted by Short Sellers

Bitcoin experienced a severe sell-off, falling below $60,000 to its lowest point since October 2024, with weekly losses reaching 16%. The decline was triggered by Michael Saylor's MicroStrategy selling part of its Bitcoin holdings, which sparked hundreds of millions in forced liquidations. Stronger-than-expected U.S. jobs data then pushed Treasury yields higher, further pressuring risk assets like crypto. MicroStrategy's stock plummeted 24% for the week, its worst performance since late 2022, as bearish bets against the company surged. The sell-off was exacerbated by a shift of speculative capital towards AI and semiconductor stocks, as well as dimming prospects for key U.S. crypto legislation. Bitcoin's correlation with major stock indices has recently broken down, failing to rally alongside record-high equities. While Bitcoin ETFs saw a slight inflow after a record 13-day outflow streak, total assets under management have shrunk significantly. Despite the gloom, some, like Strive's CEO, view the drop to the 200-week moving average as a historic buying opportunity. Meanwhile, options markets show intense put buying on MicroStrategy, and its floating-rate preferred shares (STRC) have also plunged, reflecting heightened market risk perception towards Saylor's strategy amid a rising rate environment.

华尔街日报Há 2h

Crypto Market Plunges: Bitcoin Breaks Below $60k, Ethereum Drops Over 10%, Strategy Hunted by Short Sellers

华尔街日报Há 2h

Trading

Spot
Futuros
活动图片

Categorias popularesright-arrow

Etiquetas Popularesright-arrow