Not Your Keys, Not Your Domain Either: CoW Swap Tells Users to HODL Off After DNS Hijacking

CoW Swap's DAO is practically begging users to stay away from its platform after someone apparently decided they'd rather hijack a website than milk a cow. The decentralized autonomous organization has fallen victim to a domain hijacking, which is the crypto equivalent of someone stealing your mailbox and rerouting all your mail to a sketchy warehouse.

In a Tuesday post on X that probably felt like sending a distress flare, the DAO announced its website experienced a "DNS hijacking"—that delicious moment when attackers redirect traffic to their own servers like a crypto-themed magic trick. This prompted the team to pause backend services and APIs faster than you can say "rug pull." The frontend exploit through swap.cow.fi remained active at publication time, which means users were essentially walking into a neon sign that said "free crypto, no questions asked."

"We are now actively working to resolve the situation," CoW Swap stated, probably while refreshing their browser 47 times. "Please continue to refrain from using swap dot cow dot fi until we confirm that it is safe to use." Translation: "We love you, but please, for the love of Satoshi, do not touch anything until we've put out this dumpster fire."

DNS attacks