The afiUSD vault has suffered a roughly $480,000 exploit, adding another DeFi security incident to a rough opening stretch for June. The AFI security update identified the affected product as
The afiUSD vault has suffered a roughly $480,000 exploit, adding another DeFi security incident to a rough opening stretch for June.
The AFI security update identified the affected product as the afiUSD vault and placed the loss near $480K. No other vaults were affected, and the remaining vaults were described as safe, secure and fully operational while investigation work continues.
The exploit hit a product tied to AFI’s proof-of-reserve and yield-vault stack. The afiUSD vault is presented as a USD-focused yield product using market-neutral DeFi strategies, with listed risks including smart contract and economic risk. The full exploit path has not been published yet, so the incident should not be framed as a confirmed protocol-wide failure, oracle issue, key compromise or vault-design flaw until the post-mortem lands.
AFI is working with security partners and tracing the related activity. A detailed post-mortem is expected in the coming days, which should clarify how the vault was drained, whether any funds remain recoverable, and whether the attacker used swaps, bridges, mixers or linked wallets after the initial exploit.
The team also opened communication channels through Blockscan chat and an email shared in an on-chain message. That language usually signals a possible recovery or bounty path, especially when a project wants the attacker to engage before legal or enforcement escalation.
For users, the immediate point is narrow but important: the exploit was limited to the afiUSD vault based on the current update, while other AFI vaults remain operational. Any broader claim about the root cause would be premature until contract traces and the post-mortem are available.
The afiUSD incident follows a busy start to June for crypto security. Fluid’s rewards drain exposed a key-control failure after compromised roles enabled fraudulent Merkle reward claims, while an AROS attack on BNB Chain was flagged for about $295K in losses.
Gnosis Pay also faced a separate delay module hack, with Gnosis promising to cover user losses. The common thread is not one chain or one exploit type. Attackers are finding value in vaults, reward systems, token contracts and smart-account modules, often outside the headline contracts users usually monitor.
AFI now needs to show the transaction path, the affected contracts, the containment steps and whether any funds can be recovered. Until then, the clean status is that afiUSD took the hit, other vaults are said to be safe, and the next update will determine whether this stays a contained vault incident or becomes a wider confidence problem for AFI’s yield stack.
The post afiUSD Vault Exploit Drains $480K As June Hack Run Continues appeared first on Crypto Adventure.
