An 18-Year-Old Hacker Brags on Discord, Accidentally Reveals a $19 Million Theft Case

marsbit | Published 2026-05-13 | Last updated 2026-05-13

Summary

An 18-year-old American hacker, Dritan Kapllani Jr., has been exposed by on-chain investigator ZachXBT for allegedly masterminding a series of social engineering attacks that stole approximately $19 million from crypto users. The investigation began after a Discord voice call on April 23, 2026, where Dritan shared his screen to boast, revealing an Exodus wallet holding around $3.68 million. Tracing this address, ZachXBT linked it to a major March 14, 2026 theft of 185 BTC (worth ~$13 million at the time), with about $5.3 million of that sum funneled into Dritan's wallet. Further analysis revealed the wallet also contained over $5.85 million from multiple social engineering thefts dating back to 2025. In a May 11, 2026 unsealed criminal complaint against another individual, Trenton Johnson, a key co-conspirator marked "CC-1" is identified, with the on-chain community pointing to Dritan. While not formally charged yet, he is now named in the judicial narrative. Another individual, Meme coin KOL yelotree, faces charges for allegedly assisting in money laundering. Dritan, known for a lavish lifestyle on social media, was previously seen as having a "protagonist aura" within hacking circles, evading consequences as associates were apprehended. However, now that he has turned 18, he is facing legal accountability for his past actions.

Author | Asher(@Asher_0210)

Last night, on-chain investigator ZachXBT exposed an 18-year-old hacker from the United States named Dritan Kapllani Jr. According to the disclosed information, he is suspected of involvement in multiple social engineering attacks targeting crypto users, with approximately $19 million involved in total. Although he has not been formally charged yet, he has been included in U.S. judicial documents as a 'co-conspirator'.

This case quickly drew attention, not only due to the massive amount involved but also because of its highly dramatic starting point—a voice call meant for showing off wealth became the breakthrough for the entire investigation.

Just Bragged Once on Discord

On April 23, 2026, a dispute in a Discord voice channel kicked off this series of events.

It was a voice call known as 'Band 4 Band', where participants compared their 'strength' in the most direct way: by displaying their holdings. The atmosphere quickly shifted from banter to competition. Caught up in this mood and wanting to prove he was richer, Dritan started a screen share, showing his Exodus wallet interface with a balance of about $3.68 million.

A few weeks later, this scene was revisited. On-chain investigator ZachXBT started from this address, piecing together originally scattered transactions one by one, gradually revealing a longer trail of funds.

A Trail of 185 Bitcoin Theft Funds Emerges

Going back to March 14, 2026, a social engineering theft involving 185 Bitcoins occurred, valued at about $13 million at the time. The funds were quickly moved out of the original address and rapidly entered an on-chain splitting system.

Just the next day, approximately $5.3 million of it was transferred into the wallet Dritan had shown during the Discord voice call (address: 0x4487db847db2fc99372a985743a26f46e0b2bba6). Over the following weeks, this sum of about $5.3 million was continuously split, transferred through multiple addresses, and flowed to different destinations. By the time of the April 23rd voice conversation, about $1.6 million had been further moved.

Not the First Time Involved in Crypto Theft

Tracing back from the wallet address Dritan showed, it soon became clear that the funds inside weren't just from that 185 Bitcoin theft.

According to on-chain analysis, the funds in this wallet can be traced back to multiple social engineering thefts in 2025, totaling over $5.85 million. Different victims, different times, but after the funds were transferred away, they would be quickly split, then moved through a series of addresses, following a very similar path. Matching up these funds transaction by transaction shows that many transfers ultimately landed in this wallet address Dritan displayed.

It's worth noting that Dritan once had a 'Band 4 Band' dispute with hacker John Daghita (Lick). Lick was later arrested for allegedly stealing approximately $46 million in U.S. government funds. In a since-deleted Telegram post, Lick had publicly disclosed Dritan's old address (address: 0x97da0685dbba50b4cbabb0ca9e8336f4fbe41122), an act that now looks more like retaliation.

Judging from the on-chain behavior, this old address is highly consistent with the fund flow of the wallet Dritan displayed in terms of fund splitting methods, transfer paths, and subsequent destinations, and is therefore believed to be used by the same controlling party.

First Official 'Mention' in Judicial Documents

It wasn't until May 11, 2026, that this on-chain fund trail was formally confirmed for the first time in a judicial document. That day, the criminal indictment against Trenton Johnson was unsealed. He was charged for his involvement in the 185 Bitcoin theft case and faces up to 40 years in prison.

In the indictment, a key co-conspirator is labeled as 'Co-Conspirator 1 (CC-1)', and the on-chain analysis community has linked this identity to Dritan Kapllani Jr. Although Dritan has not been formally charged yet, he has moved from being an 'associated address' in on-chain inference to a 'co-conspirator' in the judicial narrative.

Furthermore, the same document mentions another involved person—Meme coin KOL yelotree, who is accused of assisting in money laundering through his Miami-based car rental business and faces up to 30 years in prison.

Turning 18, The End of a Decadent Life

Previously, Dritan had long lived a lavish lifestyle, frequently posting related content on Instagram and interacting with other hackers via Telegram. Within hacker circles, he was once considered to have a sort of 'protagonist aura'—multiple associated groups around him (such as ACG, 41 / RM Boyz, etc.) were successively dealt with by law enforcement, yet he himself remained untouched.

However, as he turned 18, this 'aura' came to an end, and his past actions began to be pursued legally.

Related Questions

Q: Who exposed the 18-year-old hacker Dritan Kapllani Jr. and what was the alleged total amount involved?

A: He was exposed by on-chain detective ZachXBT. He is alleged to have participated in multiple social engineering attacks targeting crypto users, with a cumulative amount involved of approximately $19 million.

Q: What was the dramatic starting point for the investigation into Dritan Kapllani Jr.'s activities?

A: The investigation began after he screen-shared his Exodus wallet, showing a balance of about $3.68 million, during a 'Band 4 Band' argument in a Discord voice call where participants compared their wealth.

Q: According to the article, which specific wallet address did Dritan share in the Discord call, and what major theft was it linked to?

A: The wallet address he shared was 0x4487db847db2fc99372a985743a26f46e0b2bba6. It was linked to a 185 Bitcoin social engineering theft worth about $13 million that occurred on March 14, 2026, with approximately $5.3 million from that theft flowing into this address.

Q: What is Dritan Kapllani Jr.'s current legal status according to the unsealed indictment against Trenton Johnson?

A: In the unsealed criminal indictment against Trenton Johnson, Dritan Kapllani Jr. is referred to as 'Co-Conspirator 1 (CC-1).' While he has not been formally charged yet, he has been officially named as a co-conspirator in the judicial narrative.

Q: How did the article describe the change in Dritan Kapllani Jr.'s situation after he turned 18?

A: The article states that after turning 18, his 'main character halo' (a perception of immunity) ended. His past actions are now subject to legal accountability, marking an end to his previously lavish and seemingly consequence-free lifestyle.
