- CoW Swap reported a loss of $1.2 million in a domain attack that occurred on April 14.
- The attack did not affect the platform or protocol.
- The issue has now been resolved and the team is looking into compensation plans.
Decentralized exchange CoW Swap has reported a major security incident following a sophisticated phishing attack that resulted in losses amounting to approximately $1.2 million. The event serves as a reminder that even established platforms are not immune to cryptocurrency hacks.
The attack, which occurred on April 14, did not target the platform’s core protocol. Instead, it exploited a weakness in its domain management system. This redirected its users to a malicious website designed to mimic the official interface.
CoW Swap domain hack resulted in $1.2 million in losses
According to the latest reports, the DEX platform CoW Swap lost about $1.2 million In a recent phishing attack. The incident occurred on April 14, and quickly attracted attention, although the main system of the platform was not affected.
The team recently observed that attackers used social engineering to take control of the platform’s domain for a short period. This allowed them to redirect users to a fake website that looked almost identical to the real one. Thus, users thought it was the real CoW Swap platform. It was difficult for them to identify anything suspicious or unusual.
Users who landed on this malicious website were asked to link their wallet addresses and approve transactions. Although the main protocol remained secure, the attack resulted in significant losses for users. The issue has now been resolved, and additional security features have been added.
It is worth noting that this incident comes on the heels of Drift protocol hackWhich lost about $220 to $270 million in assets.
DeFi protocol Aave also reacted to the CoW Swap domain hack. The company stated that the hack did not affect the system or protocol. Aave has suspended access to endpoints associated with the CoW Swap integration for security reasons. The team also reassured users that its platforms remain completely secure.
CoW Swap takes action after hack
After the range attack, the CoW Swap team moved in to limit the damage and regain control. The team discovered the problem within minutes and began an emergency response. So they managed the problem in about 19 minutes. To protect users, they temporarily moved operations to a new domain. They were also working on fixing the hacked issue.
The attack was reportedly linked to a supply chain issue, where attackers used social engineering to take over the Cow.fi domain and redirect users to a fake website. Despite this, the team confirmed that its underlying systems, smart contracts, and user funds were not directly hacked.
Within approximately 26 hours, the original range was fully restored with stronger protections, including advanced security locks. The team has since launched external audits, initiated legal action against those responsible, and is exploring avenues for redress.
They soon shared A A “post-mortem” report on the CoW Swap attack. They confirmed that the system is now fine. “This incident is part of a documented pattern of .fi domain hijackings targeting cryptocurrency projects,” the platform noted.
Read the post, “Current status: Swap.cow.fi is fully functional and safe to use. The domain has been recovered and restored to our AWS account with registry locked, and all services are working normally. You can use CoW Swap with confidence.”
