The team behind Cow Swap assures that no funds were compromised.
Vitalik Buterin used CoW Swap in February to sell ETH for $21.74 million.
CoW Swap, a popular decentralized exchange on the Ethereum network, suffered this Tuesday, April 14, an attack known as DNS hijacking. In simple terms: someone took control of the swap.cow.fi domain and redirected it to a fake site, with the aim of deceiving users trying to trade.
The alert was released by CoW DAO, the organization behind the protocol, at 11:41 am UTC, asking everyone to refrain from using the platform while it was being investigated.
About 90 minutes later, at 14:54 UTC, CoW DAO confirmed the type of attack and clarified that the protocol itself, that is, The infrastructure and APIs that process the operations were not compromised.. Even so, they decided to pause them preventively. The team reported that it was actively working to regain control of the situation and would notify when it was safe to operate again.
CoW Swap is a decentralized exchange aggregator that is based on obtain best price available for each operation between multiple platforms decentralized. Since its launch in 2021, it has processed more than $33 billion in volume and ranks among the top ten DEXs with the most monthly activity.
Impact on external integrations
The incident also reached other protocols. Aave, one of the largest decentralized lending platforms in the ecosystem, reported that the CoW Swap team preventively disabled connection points for external integrators. Given this, Aave redirected swaps from its interface to ParaSwapanother DEX aggregator, so that its users would not be interrupted.
The incident takes on additional relevance given that CoW Swap is the platform that Vitalik Buterin, co-founder of Ethereum, used in February of this year to sell 10,723 ETH, equivalent to 21.74 million dollars, exchanging them for the stablecoins GHO and PayPal USD (PYUSD), as reported by CriptoNoticias.
At the time of writing, CoW DAO was continuing to work to restore service. No losses of user funds were reported, although the investigation was ongoing.