On-chain investigator ZachXBT has identified 18-year-old Dritan Kapllani Jr. as a U.S.-based threat actor allegedly tied to nearly $19 million in crypto thefts targeting digital-asset holders through social engineering.
The ZachXBT thread centers on a March 14 theft of 185 BTC, worth about $13 million at the time, from a single victim. ZachXBT traced part of the stolen funds to an Exodus wallet allegedly controlled by Kapllani, which received about $5.3 million the next day. He also linked a second wallet to roughly $5.85 million in additional high-confidence social-engineering thefts across 2025.
The case stands out because it combines familiar crypto-crime tactics with unusually public behavior. ZachXBT highlighted luxury-car posts, watches, private jets, club spending, and an April 23 Discord “band for band” call in which Kapllani allegedly showed an Exodus wallet containing about $3.68 million. Those flexes appear to have helped connect online identities, spending patterns, and wallet activity across multiple incidents.
The federal angle is also important. ZachXBT wrote that a criminal complaint against Trenton Johnson was unsealed on May 11 in connection with the 185 BTC theft. Johnson faces up to 40 years if convicted, and he is presumed innocent unless proven guilty. ZachXBT also said the complaint identifies Kapllani as “Co-Conspirator 1,” while noting that Kapllani has not been formally charged.
The allegations fit a broader pattern of high-value social-engineering attacks against crypto users, founders, investors, and whales. These attacks often rely on SIM swaps, impersonation, compromised accounts, fake support channels, phishing links, and pressure tactics that move the victim toward seed phrase exposure, wallet approval mistakes, or account takeover.
CryptoAdventure has tracked several related cases where young laundering crews and social-engineering groups turned stolen crypto into luxury spending, including a California sentencing tied to a $260 million crypto theft. Other recent security coverage has also shown how social engineering now sits beside smart-contract bugs as one of the industry’s most damaging attack paths, especially when criminals target high-value individuals rather than protocols.
The Kapllani allegations show why investigators increasingly follow both blockchain flows and offchain behavior. Wallet transfers can map stolen funds, but social posts, Discord calls, aliases, car rentals, watches, and lifestyle spending can expose the people behind the wallets. Public flexing has become an operational weakness for crypto criminals who assume onchain laundering is enough to hide the trail.
The immediate legal focus remains Johnson’s complaint and whether prosecutors bring additional charges connected to the 185 BTC theft. The onchain focus is narrower but just as important: wallets allegedly tied to Kapllani still held more than $2.5 million when ZachXBT published the thread, leaving exchanges, victims, and investigators watching whether more funds can be frozen, traced, or recovered.
The post ZachXBT Identifies 18-Year-Old In Alleged $19M Crypto Theft Trail appeared first on Crypto Adventure.
