"The hijack was detected at approximately 14:54 UTC on April 14, 2026. Cow DAO issued a public warning on X at roughly 15:41 UTC, advising users to stop interacting with the site entirely while the team investigated."
"DNS hijacking is a well-known attack method in decentralized finance (DeFi). Attackers gain control of domain registrar settings, redirect traffic to a lookalike site, and deploy wallet drainers that trigger malicious transactions when users connect their wallets or sign approvals."
"The risk was limited to users who visited the compromised frontend and signed transactions after 14:54 UTC. Cow DAO posted guidance at 16:33 UTC instructing affected users to revoke any approvals granted after that time."
On April 14, 2026, Cow Swap's frontend at swap.cow.fi was hijacked via DNS at 14:54 UTC. Cow DAO paused the protocol's APIs and backend as a precaution. Users were advised to revoke approvals immediately using revoke.cash. The hijack was confirmed at 16:24 UTC, but the backend and APIs were not affected. The incident highlighted the risks of DNS hijacking in decentralized finance, where attackers redirect traffic to malicious sites. No large-scale losses were reported, but users who interacted with the compromised site were at risk.
Read at news.bitcoin.com
Unable to calculate read time
Collection
[
|
...
]