CoW Swap, an Ethereum-based decentralized exchange aggregator, warned users on Tuesday to avoid using the protocol, disclosing that its front-end interface had been compromised.

“We are now actively working to resolve the situation,” the project frequently used by Ethereum co-founder Vitalik Buterin said in a post to X. “The CoW Protocol backend and APIs were not impacted, but we have paused them temporarily as a precaution.”

CoW Swap indicated that attackers had gained control of the website domain that users typically visit before engaging with the protocol. That gave bad actors the opportunity to direct users to a different website where funds could be stolen through the approval of malicious transfers.

Although the compromise didn’t affect CoW Swap’s underlying smart contracts, the protocol appeared to remain frozen three hours after the attack was divulged. Meanwhile, users on Discord reported losses within the project’s official server.

“I don't know what to do anymore,” said one user who claimed that they lost more than $50,000 via CoW Swap’s compromised front end. “I have no money at all.”

Despite apparent frustrations, the scope of losses sustained wasn’t immediately clear. 

A pseudonymous member of the CoW Swap team who goes by MooKeeper told Decrypt that reports are actively being investigated and verified. They added that a more complete assessment would be released tomorrow or later this week.



“We have evidence that a small number of users signed malicious approvals for very small amounts,” MooKeeper added.

Still, a noted cybersecurity researcher who goes by Vladimir S. on X said that around $500,000 worth of digital assets had been “drained from a few addresses so far.”

Martin Köppelmann, co-founder and CEO of decentralized infrastructure provider Gnosis, noted in a post to X that the attack’s scope appears limited. He said that users are potentially affected only if they approved interactions with CoW Swap within the past few hours.

Websites that try to trick users by mimicking established DeFi projects aren’t entirely uncommon. Last year, for example, Curve Finance suffered its second DNS hijack. The first one, which took place in 2022, resulted in $570,000 in losses for users.

Buterin, who has swapped notable amounts of Ethereum for stablecoins using CoW Swap this year, had engaged with the protocol as recently as a week ago, data from on-chain analytics firm Arkham Intelligence showed. In 2024, he also used the decentralized exchange aggregator to offload holdings of a meme coin modeled on a baby pygmy hippo from Thailand.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。