Ethereum DeFi Exchange CoW Swap Pauses Protocol Following Website Compromise

CoW Swap, an Ethereum-based decentralized exchange aggregator, warned users connected Tuesday to debar utilizing the protocol, disclosing that its front-end interface had been compromised.

“We are present actively moving to resoluteness the situation,” the task often utilized by Ethereum co-founder Vitalik Buterin said successful a post to X. “The CoW Protocol backend and APIs were not impacted, but we person paused them temporarily arsenic a precaution.”

CoW Swap indicated that attackers had gained power of the website domain that users typically sojourn earlier engaging with the protocol. That gave atrocious actors the accidental to nonstop users to a antithetic website wherever funds could beryllium stolen done the support of malicious transfers.

Although the compromise didn’t impact CoW Swap’s underlying astute contracts, the protocol appeared to stay frozen 3 hours aft the onslaught was divulged. Meanwhile, users connected Discord reported losses wrong the project’s authoritative server.

“I don't cognize what to bash anymore,” said 1 idiosyncratic who claimed that they mislaid much than $50,000 via CoW Swap’s compromised beforehand end. “I person nary wealth astatine all.”

Despite evident frustrations, the scope of losses sustained wasn’t instantly clear. 

A pseudonymous subordinate of the CoW Swap squad who goes by MooKeeper told Decrypt that reports are actively being investigated and verified. They added that a much implicit appraisal would beryllium released time oregon aboriginal this week.

“We person grounds that a tiny fig of users signed malicious approvals for precise tiny amounts,” MooKeeper added.

Still, a noted cybersecurity researcher who goes by Vladimir S. connected X said that astir $500,000 worthy of integer assets had been “drained from a fewer addresses truthful far.”

Martin Köppelmann, co-founder and CEO of decentralized infrastructure supplier Gnosis, noted successful a post to X that the attack’s scope appears limited. He said that users are perchance affected lone if they approved interactions with CoW Swap wrong the past fewer hours.

Websites that effort to instrumentality users by mimicking established DeFi projects aren’t wholly uncommon. Last year, for example, Curve Finance suffered its 2nd DNS hijack. The archetypal one, which took spot successful 2022, resulted successful $570,000 successful losses for users.

Buterin, who has swapped notable amounts of Ethereum for stablecoins utilizing CoW Swap this year, had engaged with the protocol arsenic precocious arsenic a week ago, information from on-chain analytics steadfast Arkham Intelligence showed. In 2024, helium besides utilized the decentralized speech aggregator to offload holdings of a meme coin modeled connected a babe pygmy hippo from Thailand.