Decentralized exchange aggregator CoW Swap on Tuesday informed its community about having experienced a front-end attack. As per an update, the platform said that it was targeted with a Domain Name System (DNS) exploit. In such attacks, threat actors usually redirects internet traffic by changing the router settings to a malicious DNS server.
Built on the BNB Chain, CoW Swap launched in 2021. Instead of processing individual trades, CoW Swap essentially clubs its community’s orders together every thirty seconds to find optimal execution paths for token swaps. The protocol uses a network of “solvers” who compete to figure out the best token swap prices and routes for the group to offer the most efficient deals.
In a DNS hijacking attack, users trying to access the legitimate website, re-routes them to the fraud clone website. This allows the attackers to steal the users’ sensitive data including passwords and credit card numbers.
While CoW Swap has not explained the nitty grities of the attack, it did direct its community to immediately stop engaging with the protocol.
An investigation in the case is ongoing, the platform said, but elaborate details on the same remain undisclosed for now.
“The CoW Protocol backend and APIs were not impacted, but we have paused them temporarily as a precaution,” it said. “We are now actively working to resolve the situation. Please continue to refrain from using swap dot cow dot fi until we confirm that it is safe to use.”
The protocol has furthermore directed its users to revoke all approvals via tools like revoke.cash.
As of now, the impact of this attack on CoW Swap users remain undisclosed and elaborate details remain awaited.
This attack comes just days after DeFi exchange Drift Protocol suffered a highly sophisticated exploit leading to the draining of $280 million.
Infact, on Monday itself, Polkadot’s native $DOT token faced a bridge exploit through Hyperbridge. Through this, a billion DOT tokens were minted in an unauthorized way on the Ethereum mainnet.