Blockaid flags CoW Swap’s cow.fi frontend as malicious, urging users to revoke token approvals and avoid the dApp amid a broader wave of DeFi interface attacks.
Summary
- Blockaid flags CoW Swap’s main cow.fi frontend as malicious.
- Users are urged to revoke token approvals and avoid the dApp immediately.
- Incident highlights growing wave of DeFi frontend attacks across major protocols.
Blockchain security firm Blockaid has warned that CoW Swap’s primary website COW.FI has been compromised in a suspected frontend attack, marking the latest high‑profile exploit attempt against a major DeFi trading interface.
In an alert shared on X, Blockaid said its system “has detected a front-end attack targeting Cowswap” and confirmed that the cow.fi domain has been flagged as malicious inside Blockaid‑integrated wallets, advising users “to refrain from signing transactions and avoid interactions with the dApp until the issue is resolved.”
Following the warning, CoW Swap community channels and independent security commentators urged traders who had connected wallets to CoW Swap to immediately revoke any outstanding token approvals and to stop interacting with the platform’s frontend until further notice, even though underlying smart contracts have not been reported as compromised.
🚨 Community Alert:
Blockaid’s system has identified a front-end attack on @CoWSwap.
The site cow[.]fi has been flagged as malicious.
Avoid any interactions with the dApp immediately. pic.twitter.com/QKGk3DtPjH
— Blockaid (@blockaid_) April 14, 2026
Blockaid alert adds to DeFi frontend attack wave {#blockaid-alert-adds-to-defi-frontend-attack-wave}
Blockaid’s latest alert comes amid a surge in so‑called frontend hijacks, where attackers compromise a project’s website or DNS rather than its on‑chain contracts, silently swapping legitimate transaction prompts for malicious ones that drain user wallets.linkedin+1
In February, Blockaidreported a similar frontend attack on tokenization platform OpenEden, warning users to “refrain from signing transactions and avoid interactions with the dApp until the issue is resolved,” while separate incidents have recently hit lending protocol Curvance and asset manager Maple Finance.
As highlighted in CoW Swap’s own DeFi security guides, these attacks target “people, devices, and transaction behavior instead of only attacking code,” making basic hygiene like checking URLs, using browser bookmarks and monitoring token approvals critical for retail and professional users alike.
Security platforms such as Kerberus and Revoke‑style tools recommend users regularly audit and revoke token approvals after any suspected incident, noting that revocation “only removes future permission for that contract to move your tokens” and cannot recover funds already drained.
ForDeFi traders, the CoW Swap incident underscores a lesson that keeps recurring in crypto.news coverage of exchange exploits, bridge hacks and protocol drains: even when audited smart contracts remain intact, a single compromised frontend can still turn a routine swap into a total wallet loss if users sign blind.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
DeFi Sector Faces Multiple Pressures as Yields Fall and $285M Hack Raises Security Concerns
Decentralized finance (DeFi) is under pressure as lending yields drop to levels similar to traditional bonds, blockchain activity declines, and a significant hack raises security concerns, challenging claims of institutional-grade safety.
GateNews25m ago
France to Introduce New Measures to Combat Crypto-Related Kidnappings, 41 Cases Reported in 2026
France is implementing new measures to protect cryptocurrency holders in response to rising crime, including a prevention platform and stricter protocols. The country has seen a significant increase in crypto-related kidnappings, leading global incidents.
GateNews1h ago
RedPeach Implements Facial Recognition Tests to Ban Sex Robots and Fake Creators
RedPeach has introduced mandatory facial recognition for content creators to combat impersonation by AI and outsourced chatters, ensuring genuine interactions. CEO Marco Cally emphasizes user protection against emotional scams, following legal challenges in the industry.
GateNews2h ago
Bitcoin Core Developers Propose BIP-361 to Freeze 1.7M Early BTC Against Quantum Computing Threats
BIP-361, proposed by co-authors including Jameson Lopp, aims to secure early Bitcoin by migrating 1.7 million coins from weak P2PK addresses to stronger formats, allowing 3-5 years for users before freezing untransferred coins. Community responses vary significantly.
GateNews8h ago
CoW Swap Recovers cow.fi Domain After Social Engineering Attack on April 14
CoW Swap regained control of its cow.fi domain after a social engineering attack that occurred on April 14. The attackers used forged documents to manipulate the DNS registrar and deploy a phishing site. Users affected by the incident are advised to revoke transaction approvals and transfer funds.
GateNews9h ago
Florida and Massachusetts jointly recover $5.4 million in cryptocurrency scam assets
The Florida State Attorney’s Office and the Marion County Sheriff’s Office jointly recovered $5.4 million in cryptocurrency scam funds, involving an investment fraud scheme that used romance as a cover. Some of the funds have been returned to victims in Florida and Massachusetts. Since its inception, CFEU has recovered $7.2 million, and another $12.6 million in assets remains frozen. Massachusetts has also carried out multiple law-enforcement actions, shutting down scam websites and recovering funds.
MarketWhisper11h ago
