ZachXBT links alleged social engineering theft network to $19M

Blockchain investigator ZachXBT says he linked US-based alleged threat actor Dritan Kapllani Jr. to over $19M in cryptocurrency thefts carried out via social engineering theft tactics. In posts and interactions with other actors, Dritan allegedly showcased luxury assets (cars, designer watches, private jets, nightlife) while discussing criminal activity online. ZachXBT alleges that on April 23, 2026, Dritan appeared on a Discord “band 4 band” call and displayed an Exodus wallet he claimed held about $3.68M. ZachXBT identified the Ethereum wallet address shown during the call and connected it to a major social engineering theft on March 14, 2026, involving 185 BTC. The report claims the 185 BTC theft was worth roughly $13M at the time and was executed through social engineering theft techniques targeting a crypto holder. ZachXBT further alleges that on March 15, Dritan’s wallet received about $5.3M from the theft, and that by the Discord call date (about six weeks later) nearly $1.6M had already been spent or laundered. These allegations surfaced one day after US authorities unsealed a criminal complaint against Trenton Johnson related to the 185 BTC theft. ZachXBT states Dritan was identified as “Co-Conspirator 1,” though he has not been formally charged. The investigator also connects Dritan to an earlier January 2026 case involving John Daghita (“Lick”), and claims at least five additional 2025 social engineering thefts tied to Dritan’s previously used wallets, totaling more than $5.85M. Key trading-relevant angle: the story centers on on-chain movement from a large BTC theft into ETH-linked wallets and alleged laundering timelines.