Blockaid has identified a front-end attack targeting CoW Swap, warning that the site cow.fi has been flagged as malicious. The alert urged anyone with a connected wallet to immediately revoke token approvals and stop interacting with the dApp.
Blockaid posted on X (formerly Twitter) on April 14, 2026, notifying users that its system had detected a compromise of the CoW Swap front end. The company advised users who had connected wallets to revoke approvals and avoid the site.
CoW Swap confirmed the problem the same day, posting that it was experiencing an issue with its frontend and asking users not to use the platform while the team investigates.
CoW Swap is the primary trading interface for CoW Protocol, a decentralized trading system that uses batch auctions and a network of competing solvers to route and execute swaps across on-chain liquidity venues. The protocol emphasizes MEV protection and supports trading across multiple networks, including Ethereum, Base, Polygon, Arbitrum, Gnosis, Avalanche, BNB Chain, Linea, Plasma, and Ink.
If you may have connected a wallet to cow.fi, take immediate precautions: disconnect the wallet, revoke token approvals using a trusted revocation tool, and monitor balances for unauthorized activity. Avoid interacting with the CoW Swap frontend until the team confirms the issue is resolved.
This is a developing story and will be updated as more information becomes available.
Disclosure: This article was edited by Estefano Gomez. For more information on how we create and review content, see our Editorial Policy: https://cryptobriefing.com/editorial-policy/.
