What happened to CoW Swap and why was the protocol paused?

CoW Swap paused its protocol after a front-end website compromise allowed attackers to redirect users to malicious sites. The exploit targeted the interface, not the underlying smart contracts. The pause was a precaution to prevent further user losses.

Was CoW Swap’s smart contract hacked?

No, CoW Swap confirmed that its smart contracts and backend systems were not affected. The attack was limited to the front-end website, where users interact with the protocol. This means the core infrastructure remained secure, but users were still exposed via the interface.

How much was lost in the CoW Swap exploit?

Early estimates suggest around $500,000 in crypto assets may have been stolen. However, the full scope of losses is still under investigation. The team indicated that only a small number of users were impacted so far.

How did the attackers steal funds from CoW Swap users?

Attackers gained control of the platform’s domain and redirected users to a fake interface. Users who interacted with this malicious site unknowingly approved transactions. These approvals allowed attackers to drain funds from affected wallets.

Who is most at risk from the CoW Swap hack?

Users who interacted with CoW Swap during the compromised period are most at risk. Specifically, those who approved transactions on the malicious interface could have lost funds. Users who did not interact during this window are unlikely to be affected.

Is this kind of front-end attack common in DeFi?

Yes, front-end exploits and DNS hijacks are a known risk in decentralised finance. The article references similar incidents involving Curve Finance in the past. These attacks target user interfaces rather than blockchain code.

What does this mean for DeFi security overall?

The incident highlights that even if smart contracts are secure, user-facing layers remain vulnerable. Security in DeFi is not just about code but also about infrastructure like websites and domains. This is a structural risk investors and users need to consider.

How might this impact CoW Swap users and adoption?

In the short term, trust in the platform may be affected, especially among retail users. However, the limited scope and intact smart contracts could help contain long-term damage. Recovery depends on transparency and how quickly the issue is resolved.

CoW Swap pauses protocol after website exploit

Written by BloombergPublished Apr. 15 2026Last Updated Apr. 15 2026

CoW Swap paused its protocol after a front-end compromise allowed attackers to redirect users to malicious websites and steal funds.

The Ethereum-based decentralised exchange aggregator warned users to avoid interacting with its platform, noting that while the interface was breached, its underlying smart contracts and backend systems were not affected.

“We are now actively working to resolve the situation,”

Said CoW Swap.

Attackers reportedly gained control of the platform’s domain, enabling them to trick users into approving malicious transactions, with early estimates suggesting around $500,000 in losses.

The team said only a small number of users were impacted and that investigations are ongoing, with a fuller assessment expected later this week.

Cybersecurity researchers and community reports indicated that affected users had recently approved transactions, highlighting the risks of front-end exploits despite secure smart contracts.

The incident follows similar attacks in decentralised finance, including previous DNS hijacks involving Curve Finance, underscoring persistent security vulnerabilities in user-facing infrastructure.

At the time of reporting, Ethereum price was $2,330.37.