On Tuesday, CoW Swap, an Ethereum-based decentralized exchange aggregator, urged users to refrain from using its protocol due to a breach of its front-end interface. The project, frequently utilized by Ethereum co-founder Vitalik Buterin, reassured that the backend and APIs remained unaffected but were paused temporarily for safety.
Attackers had seized control over the website domain typically accessed by users prior to interacting with the protocol, enabling them to mislead users to a fraudulent site where funds could be stolen through malicious transactions. While CoW Swap’s smart contracts weren’t compromised, the protocol stayed inactive three hours post-announcement. Discord reports highlighted losses among some users within the official server.
CoW DAO advised users on Twitter to revoke all approvals made on CoW Swap after 14:54 UTC on that day, providing a tool link for assistance. A user reported losing over $50,000 through the compromised interface, expressing distress at having lost their funds entirely.
The extent of losses remained unclear initially. MooKeeper, an anonymous CoW Swap team member, informed Decrypt that investigations and verifications were ongoing, with a detailed assessment expected soon. They confirmed incidents involving small-scale malicious approvals by some users.
However, cybersecurity expert Vladimir S. reported on X that approximately $500,000 in digital assets had been siphoned from several addresses. Martin Köppelmann, CEO of Gnosis, mentioned the attack’s impact might be limited to those who approved interactions with CoW Swap recently.
Such deceptive websites mimicking reputable DeFi projects aren’t rare; for instance, Curve Finance experienced its second DNS hijack last year after an initial incident in 2022 that led to $570,000 in user losses. Notably, Buterin had used CoW Swap for Ethereum exchanges into stablecoins recently and engaged with the platform as late as a week prior, per Arkham Intelligence data. In 2024, he utilized CoW Swap to liquidate meme coin assets themed around Thailand’s baby pygmy hippo.