CoW Swap Halts Services Following DNS Hijacking Attack

CoW Swap, a prominent decentralized exchange (DEX) aggregator, has temporarily suspended its services following the detection of a domain name system (DNS) hijacking incident. The platform issued an urgent warning via X, advising users to refrain from interacting with its web interface until further notice. The attack, which occurred at 14:54 UTC on Tuesday, targeted the front-end layer of the platform. DNS hijacking is a critical vulnerability in the DeFi space, where attackers redirect users from legitimate domains to malicious clones to steal private keys or drain digital asset wallets. According to the team, the protocol's underlying infrastructure, including its APIs and backend systems, was not directly compromised. However, these components were paused as a precautionary measure while the team works to restore the integrity of the site. CoW Swap is known for its 'Coincidence of Wants' mechanism, which matches trades directly between users to minimize slippage and protect against maximal extractable value (MEV). The project is governed by the CoW DAO and originated from the Gnosis ecosystem. This incident highlights the persistent security risks associated with web-based interfaces in decentralized finance, even when the underlying smart contracts remain secure. The team is currently working to resolve the situation and will notify users once the site is safe to use.