HighActiveNo recent activityHackINC-C8BAA0

CoW Swap DNS Hijack

Confidence91% · High
TypeHack
Est. Loss$500.0K
Signals4
First DetectedApr 28, 2026, 2:24 AM
Last SignalApr 15, 2026, 2:54 PM

Overview

Attackers redirected CoW Swap domain to a malicious site, risking user funds.

CoW Swap halted its interface after detecting a DNS hijacking attack, warning users to avoid interactions.

Protocols
CoW SwapCoW Protocol
Chains
Ethereum
Assets
BTCCOW

Sources & Timeline

  1. NewCoinDesk90%

    DNS hijacking redirected users from CoW Swap's legitimate domain to a malicious lookalike site.

    Apr 14, 2026, 6:27 PMRead on Bytewit →
  2. NewDecrypt90%

    Attackers gained control of CoW Swap's website domain, redirecting users to a fake interface to approve malicious transfers.

    Apr 14, 2026, 9:37 PMRead on Bytewit →
  3. NewCointelegraph95%

    Unknown attacker performed DNS hijack on CoW Swap's frontend domain.

    Apr 14, 2026, 8:14 PMRead on Bytewit →
  4. NewCoinDesk90%

    Attackers redirected CoW Swap domain to a malicious site, risking user funds.

    Apr 15, 2026, 6:06 PMRead on Bytewit →
CoW Swap DNS Hijack | Bytewit Incidents