CoW Swap Warns Users to Avoid Frontend After Blockaid Flags Malicious Activity

CoW Swap has warned users to stay away from its frontend at swap.cow.fi after Web3 security firm Blockaid detected malicious activity on the cow.fi domain.

The team is actively investigating the issue, which may involve a compromise that tricks users into signing harmful transactions designed to drain their wallets.

What Happened to CoW Swap’s Frontend

Blockaid, which provides transaction screening for major wallets and DeFi platforms, flagged the cow.fi domain after its dApp scanning engine identified suspicious behavior.

🚨 Community Alert:
Blockaid’s system has identified a front-end attack on @CoWSwap.
The site cow[.]fi has been flagged as malicious.
If your wallet is connected, revoke approvals and avoid any interactions with the dApp immediately. pic.twitter.com/xGGmY53RMR
— Blockaid (@blockaid_) April 14, 2026

CoW Swap confirmed the alert shortly after, urging users to avoid interacting with the site entirely while the investigation continues.

“We are currently experiencing an issue with the CoW Swap frontend (https://swap.cow.fi). While we are investigating, please DO NOT use CoW Swap,” they wrote.

The CoW Protocol (COW) token, which trades at roughly $0.22 with a market cap near $120 million, has not yet seen a significant sell-off in response.

CoW Protocol (COW) Price Performance. Source: Coingecko

However, the risk to users who interact with the compromised frontend remains high.

Frontend attacks do not target smart contracts directly. Instead, they alter the interface users see, potentially injecting malicious transaction requests that appear legitimate.

Users who sign these transactions may unknowingly grant attackers access to their funds.

How Users Should Protect Themselves

CoW Swap advised all users to disconnect wallets from the platform and review any recent transactions for suspicious approvals.

Revoking token approvals through tools like Revoke.cash or Etherscan’s approval checker is a critical first step.

This is not the first time CoW Swap has faced security challenges. In 2023, an exploiter drained over $180,000 from the protocol’s settlement contract, though user funds were not directly affected in that incident.

Frontend compromises have become an increasingly common attack vector in DeFi. The 2025 Bybit hack, which exploited Safe Wallet’s frontend infrastructure, resulted in $1.5 billion in losses and underscored how even trusted interfaces can become entry points for attackers.

Users should wait for an official all-clear from the CoW Swap team before reconnecting wallets or resuming activity on the platform.

The post CoW Swap Warns Users to Avoid Frontend After Blockaid Flags Malicious Activity appeared first on BeInCrypto.

Source: https://beincrypto.com/cow-swap-frontend-malicious-blockaid-warning/