CoW Swap users warned after Blockaid flags COW.FI frontend attack


Blockaid flags CoW Swap’s cow.fi frontend as malicious, urging users to revoke token approvals and avoid the dApp amid a broader wave of DeFi interface attacks.
Summary

  • Blockaid flags CoW Swap’s main cow.fi frontend as malicious.
  • Users are urged to revoke token approvals and avoid the dApp immediately.
  • Incident highlights growing wave of DeFi frontend attacks across major protocols.

Blockchain security firm Blockaid has warned that CoW Swap’s primary website COW.FI has been compromised in a suspected frontend attack, marking the latest high‑profile exploit attempt against a major DeFi trading interface.

In an alert shared on X, Blockaid said its system “has detected a front-end attack targeting Cowswap” and confirmed that the cow.fi domain has been flagged as malicious inside Blockaid‑integrated wallets, advising users “to refrain from signing transactions and avoid interactions with the dApp until the issue is resolved.”

Following the warning, CoW Swap community channels and independent security commentators urged traders who had connected wallets to CoW Swap to immediately revoke any outstanding token approvals and to stop interacting with the platform’s frontend until further notice, even though underlying smart contracts have not been reported as compromised.

🚨 Community Alert:

Blockaid’s system has identified a front-end attack on @CoWSwap.

The site cow[.]fi has been flagged as malicious.

Avoid any interactions with the dApp immediately. pic.twitter.com/QKGk3DtPjH





— Blockaid (@blockaid_) April 14, 2026

Blockaid alert adds to DeFi frontend attack wave

Blockaid’s latest alert comes amid a surge in so‑called frontend hijacks, where attackers compromise a project’s website or DNS rather than its on‑chain contracts, silently swapping legitimate transaction prompts for malicious ones that drain user wallets.

In February, Blockaid reported a similar frontend attack on tokenization platform OpenEden, warning users to “refrain from signing transactions and avoid interactions with the dApp until the issue is resolved,” while separate incidents have recently hit lending protocol Curvance and asset manager Maple Finance.

As highlighted in CoW Swap’s own DeFi security guides, these attacks target “people, devices, and transaction behavior instead of only attacking code,” making basic hygiene like checking URLs, using browser bookmarks and monitoring token approvals critical for retail and professional users alike.

Security platforms such as Kerberus and Revoke‑style tools recommend users regularly audit and revoke token approvals after any suspected incident, noting that revocation “only removes future permission for that contract to move your tokens” and cannot recover funds already drained.

For DeFi traders, the CoW Swap incident underscores a lesson that keeps recurring in crypto.news coverage of exchange exploits, bridge hacks and protocol drains: even when audited smart contracts remain intact, a single compromised frontend can still turn a routine swap into a total wallet loss if users sign blind.
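
One way to avoid signing blind, shown as an added example that is not from the article, Blockaid or CoW Swap: decode the calldata a frontend asks the wallet to sign and flag approvals to spenders outside a user-maintained allowlist. The function names, the allowlist and both addresses are assumptions constructed for illustration.

```javascript
// Added example. Addresses are constructed placeholders, not real contracts.
const APPROVAL_SELECTORS = new Map([
  ["095ea7b3", "approve(address,uint256)"],            // ERC-20
  ["39509351", "increaseAllowance(address,uint256)"],  // OpenZeppelin extension
  ["a22cb465", "setApprovalForAll(address,bool)"],     // ERC-721 / ERC-1155
]);
const MAX_UINT256 = (1n << 256n) - 1n;

// Classify raw transaction calldata before it is signed.
function inspectCalldata(data, trustedSpenders) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]{8,}$/.test(hex)) {
    return { kind: "invalid", risk: "high", reasons: ["malformed calldata"] };
  }
  const kind = APPROVAL_SELECTORS.get(hex.slice(0, 8));
  if (!kind) return { kind: "other", risk: "unknown", reasons: [] };
  const args = hex.slice(8);
  if (args.length !== 128) {
    return { kind, risk: "high", reasons: ["unexpected argument length"] };
  }
  const spender = "0x" + args.slice(24, 64); // low 20 bytes of the first word
  const value = BigInt("0x" + args.slice(64));
  // approve(x, 0) and setApprovalForAll(x, false) remove permission.
  if (value === 0n) {
    return { kind, spender, value, risk: "low", reasons: ["revocation or no-op"] };
  }
  const reasons = [];
  const trusted = new Set(trustedSpenders.map((a) => a.toLowerCase()));
  if (!trusted.has(spender)) reasons.push("spender not in allowlist");
  if (kind.startsWith("setApprovalForAll")) reasons.push("operator rights over all tokens");
  else if (value === MAX_UINT256) reasons.push("unlimited allowance");
  const risk = reasons.includes("spender not in allowlist") ? "high"
    : reasons.length ? "medium" : "low";
  return { kind, spender, value, risk, reasons };
}

// Constructed sample input: ABI-encode (address, uint256) after a selector.
function encodeCall(selector, address, value) {
  const word = (h) => h.padStart(64, "0");
  return "0x" + selector + word(address.slice(2).toLowerCase()) + word(value.toString(16));
}
const TRUSTED = "0x" + "11".repeat(20); // placeholder: a spender you verified yourself
const UNKNOWN = "0x" + "22".repeat(20); // placeholder: a spender you did not expect

console.log(inspectCalldata(encodeCall("095ea7b3", UNKNOWN, MAX_UINT256), [TRUSTED]));
```

A "high" result on a page that should only be requesting a swap is the signal to reject the prompt; a zero-value approval is what a revocation looks like on the wire.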
