AFI Pauses afiUSD Vault After $480K Mainnet Exploit

Artificial Financial Intelligence has confirmed a security incident involving its afiUSD vault on mainnet, with losses estimated at $480,000. The team said the affected vault was paused as a precaution while investigators review the attack. Notably, AFI said the incident remained limited to the afiUSD vault. Other vaults were not affected, and the project said its remaining vaults are safe, secure, and fully operational, a phrase that does most of its heavy lifting in times like these.

AFI first issued a security notice saying it had identified an incident affecting the afiUSD vault on mainnet. As part of its immediate response, the team paused the vault and advised users not to interact with afiUSD until further notice. The project later described the incident as a sophisticated exploit worth roughly $480,000. AFI said it is actively investigating the attack with security partners and tracing all related activity. The team also said it conducted reviews of other vaults and core systems. At the time of its update, AFI said it had not found related anomalies or signs of compromise outside the affected afiUSD mainnet vault, which helped narrow the known impact. Users were still asked to wait for further updates before interacting with the affected product.

AFI said no other vaults were affected by the exploit. The project added that all remaining vaults remain safe, secure, and fully operational, which is the part of the announcement users tend to read twice. According to the update, a detailed post-mortem will be published in the coming days, expected to explain the exploit path, the affected contracts or processes, and whether any recovery steps are available. Additionally, AFI said communication channels remain open for the actor involved. The project pointed to Blockscan chat and an email address shared in an on-chain message, urging engagement before further escalation. In other words, the team is doing the usual post-exploit two-step: trace on-chain, then politely ping the attacker.

The afiUSD incident adds to a wider pattern of DeFi security events affecting vaults, reward systems, and smart contract modules. Vault products can carry concentrated risk, since they pool user funds inside automated strategies or contract-based systems, which is a polite way of saying a single bug can have a busy afternoon. However, AFI's current update does not say the exploit spread beyond afiUSD. The team has only confirmed the affected vault, the estimated loss, the pause, and the ongoing review. CoinMarketCap's incident summary also said AFI is working with security partners to trace activity and prepare a post-mortem, and noted that other AFI vaults remained unaffected. For now, the key instruction remains simple: users should avoid interacting with afiUSD until AFI provides a new update, while the project continues its investigation and prepares a full incident report.