The hacker who stole nearly $22 million from a U.S. government wallet has returned most of the money. This information comes from Arkham, a platform that specializes in tracking digital assets.

On Thursday, the hacker accessed a government address that hadn’t been active for eight months. But less than 24 hours later, that same address received back $19.3 million. This means they returned about 88% of what was stolen.

The wallet contained cryptocurrency that had been seized from hackers involved in the Bitfinex incident back in 2016. The stolen assets included stablecoins like USDT, USDC, Aave USDC (aUSDC), and Ethereum (ETH). Arkham pointed out that the hacker started selling these assets for ETH and funneled the money through a suspicious address linked to money laundering.

Arkham has been monitoring various transactions related to U.S. government wallets this year. In July, another government address transferred over $2 billion in Bitcoin (BTC) that had been seized from Silk Road, an illegal online marketplace. Arkham noted that this transfer likely represented a 10,000 BTC deposit to an institutional custody service.

In April, a different U.S. government address sent over $131 million in seized BTC to a Coinbase Prime wallet. These movements highlight the ongoing activity and scrutiny of digital assets tied to government actions.