Blockchain security firm Blockaid has warned that decentralized exchange aggregator CoW Swap is facing a suspected front-end attack affecting its primary domain, cow.fi. Users are being advised to avoid interacting with the site and to revoke any previously granted token approvals while the project investigates the incident.
What we know
According to Blockaid, the issue stems from a compromise of CoW Swap’s web interface, which could prompt users to sign malicious transactions. CoW Swap has acknowledged the issue and is investigating. No additional details on scope or impact were immediately available.
User safety guidance
- Avoid visiting cow.fi or interacting with CoW Swap’s web interface until the project confirms it is safe.
- Revoke token approvals previously granted to CoW Swap-related contracts using a reputable allowance management tool.
- Do not sign unexpected transactions or messages, especially if prompted by pop-ups or unfamiliar prompts.
- Verify official updates directly from CoW Swap’s confirmed communication channels before taking further action.
What is a front-end attack?
A front-end attack targets a project’s website or user interface rather than its smart contracts. Attackers may alter the interface to route transactions to malicious addresses, modify approvals, or prompt users to sign harmful actions. Even if underlying contracts remain secure, users can still be at risk when interacting through a compromised site.
About CoW Swap
CoW Swap is a decentralized exchange aggregator that sources liquidity across multiple venues to execute token swaps at competitive prices. It is known for its batch auction mechanism designed to reduce slippage and protect users from certain types of MEV (maximal extractable value) attacks.
This is a developing story and will be updated as more information becomes available.