CoW Swap mentioned that it paused protocol exercise after attackers hijacked the DNS data for its most important frontend at swap.cow.fi. The group warned customers to cease interacting with the positioning and later confirmed the difficulty started at 14:54 UTC.
Customers ought to revoke all approvals made on CoW Swap after 14:54 UTC right now. Instruments like https://t.co/CGNBLppgWS make this straightforward to do. https://t.co/JNEUaTcuVd
— CoW DAO (@CoWSwap) April 14, 2026
The incident affected the frontend area reasonably than the protocol’s good contracts. CoW mentioned its backend and APIs had been paused as a precaution, although they weren’t instantly impacted, and urged anybody who interacted with swap.cow.fi after 14:54 UTC to revoke approvals instantly utilizing revoke.money.
What makes the episode critical is the kind of weak spot it uncovered. This was not a contract exploit contained in the protocol itself, however an assault on the interface customers depend on to succeed in it. That distinction issues as a result of even when core infrastructure stays intact, a compromised frontend can nonetheless flip routine pockets interactions right into a direct safety threat for customers who signal the fallacious transaction.
Supply: CoW Swap on X.
Disclaimer: Crypto Economic system Flash Information are based mostly on verified public and official sources. Their goal is to supply quick, factual updates about related occasions within the crypto and blockchain ecosystem.
This data doesn’t represent monetary recommendation or funding advice. Readers are inspired to confirm all particulars by official mission channels earlier than making any associated selections.
