
CoW Swap Halts Trading After DNS Hijack Redirects Users to Malicious Site
Key Takeaways
- DNS hijack redirected users from swap.cow.fi, prompting CoW Swap to pause platform.
- CoW DAO paused APIs and backend as a precaution amid the incident.
- Users were told to avoid the site and revoke approvals due to malicious front end.
CoW Swap DNS Hijack
CoW Swap suffered a DNS hijacking attack on April 14, 2026, that forced the platform to halt operations.
“Popular DeFi platform warns users to stay away from its site after security breach The team that helps operate the platform, CoW Swap, said that it was working to resolve the issue for the DEX aggregator”
The attack occurred at 14:54 UTC when the project's domain was compromised, redirecting users to a malicious lookalike site.

The protocol's backend and smart contracts were not directly compromised, but were paused as a precaution.
The incident highlights persistent security risks around web front-ends in DeFi platforms.
CoW Swap operates as a decentralized exchange aggregator using a Coincidence of Wants mechanism.
The platform is governed by CoW DAO, spun out of the Gnosis ecosystem.
User Warnings and Industry Response
CoW DAO issued a public warning urging users to avoid interacting with swap.cow.fi.
Security firm Blockaid flagged the CoW Swap interface as malicious.

Users were prompted to revoke all approvals made after 14:54 UTC using tools like revoke.cash.
Other DeFi teams, such as Aave, took precautionary measures.
The attack vector has become a persistent weak point in decentralized finance.
The incident occurred amid a broader wave of Web3 hacks.
Financial Impact and Governance
The COW token traded at approximately $0.2201 with a market cap of around $121.7 million.
“Popular DeFi platform warns users to stay away from its site after security breach The team that helps operate the platform, CoW Swap, said that it was working to resolve the issue for the DEX aggregator”
The platform had processed roughly $3.5 billion in trading volume over the past 30 days.
CoW Swap has been integrated with key Ethereum-based applications including Safe and Aave.
The incident revived scrutiny of CoW Swap's governance.
The team has not yet confirmed full restoration or released a post-mortem.
More on Crypto

GenLayer Foundation Leads 27 Companies Launch Internet Court Standard for AI Agent Disputes
15 sources compared

Circle Wins Final OCC Approval To Establish Circle National Trust Bank
15 sources compared

Paul Grewal Steps Down As Coinbase Chief Legal Officer; Molly Abraham Named General Counsel
12 sources compared

Bitdeer Breaks Ground on $36 Million Sparks, Nevada Facility to Produce 10,000 Mining Rigs Monthly
10 sources compared