Cyber Attack Crime, Hacker
Representational image. AFP

The exploiter of a digital wallet tagged by blockchain analytics firm Arkham Intelligence as belonging to the U.S. government appears to have returned majority of over $20 million they stole from the account late last week, as per Arkham data.

Arkham reported about the apparent "malicious activity" on the wallet Thursday, wherein over $20 million in cryptocurrencies were transferred out of the wallet that held the funds seized from the hackers of crypto exchange Bitfinex in mid-2016.

Wallet Makes Sudden Move

Arkham revealed Thursday that $20 million in USDC, aUSDC, and Ethereum (ETH) were "suspiciously moved" from the address "to an attacker" on Thursday. "We believe the attacker has already begun laundering the proceeds through suspicious addresses linked to a money laundering service," the on-chain activity tracker said.

Prominent crypto sleuth ZachXBT pointed out that the movement of the funds toward exchanges "looks nefarious."

Arkham data showed that the last activity on the wallet was seven months ago, when the wallet received nearly two billion TRUMP tokens.

Did the US Retrieve the Stolen Funds?

Less than a day after the supposed hacking, Arkham revealed that $19.3 million has been "returned" to the exploited wallet, making up for 88% of the initial amount of the pilfered tokens.

Some users tagged ZachXBT in Arkham's announcement but he has yet to comment on their questions regarding the supposed recovery of the funds.

This is the first time since July that much attention was paid to U.S.-government linked wallets. At the time, Arkham revealed that the government split $2 billion worth of seized Bitcoin in two new addresses.

There were various theories about why the wallet transferred the funds, but some industry experts suggested the decision may have been related to crypto exchange giant Coinbase's announcement that it was chosen by the U.S. Marshals Service to provide custody and trading services for the digital assets held by the federal agency.

However, last week's move was very different from the July transfers due to the suspicious nature of the activity.

Exploits Continue Across Crypto Space

News of the recent compromise comes about a week after cross-chain lending protocol Radiant Capital was exploited for over $50 million, raising concerns about why a crypto platform of Radiant's size didn't implement strong security measures.

In September, the FBI also revealed that the U.S. recorded the highest number of security complaints linked to crypto last year. Elderly people were the most affected during a year that saw the proliferation of customer support scams, call center frauds, and government impersonation scams among others.