Revoke.cash logo

CoW Swap DNS Hijack

Check if your address is affected.

Discovered On2026-04-14
Stolen AmountUnknown
Affected Networks
Ethereum Logo
BNB Chain Logo
Polygon Logo
Base Logo
Arbitrum Logo
Gnosis Chain Logo
Plume Logo
Gravity Alpha Logo
Read Morex.com

Description

On the 14th of April 2026, malicious actors were able to compromise the DNS records of the popular DEX CoW Swap. This allowed them to redirect users to a malicious website that stole users' funds. We've made a list of addresses that we know belong to the attackers, but keep in mind that there might be more, so even if the exploit checker shows no results, do make sure to check for any approvals made on the 14th of April.

Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.

Next
GONDI Hack
Back to Exploits