CoW Swap Launches on Linea L2 and Deepens Aave Integration

CoW Swap has completed security checks following Vercel's infrastructure investigation and confirmed the platform is safe to use. **Actions taken:** - Rotated all authentication tokens - Audited deployments (no malicious code found) - Reviewed activity logs (no suspicious access detected) The team has no indication CoW Swap was among Vercel's impacted customers but implemented all recommended remediation steps as a precaution. This follows a DNS hijacking incident where an attacker used social engineering to gain control of the cow.fi domain through the DNS registrar. The attack deployed phishing sites that attempted to drain wallets and harvest seed phrases. CoW Protocol's backend and APIs were never compromised during the incident.

CoW Swap has released a detailed post-mortem following an April 14 domain hijacking incident. The report includes: - Root cause analysis of the security breach - Confirmed impact assessment - Hardening measures implemented to prevent future incidents The team coordinated with their domain registrar to compile a comprehensive breakdown of what occurred. The full transparency report is now available, detailing the timeline of events and security improvements. CoW Swap thanked users for their patience during the investigation period.

**Critical Security Alert for CoW Protocol Users** If you connected your wallet to cow.fi between approximately 13:00 and 20:00 UTC on April 14, 2026, take immediate action: - **Treat your wallet as compromised** - Revoke all token approvals using [revoke.cash](http://revoke.cash) or similar services - Consider transferring funds to a new wallet - Never enter your seed phrase anywhere **Important Notes:** - The time window has been extended as a precautionary measure - All users should revoke approvals made after 14:54 UTC on April 14 - Use trusted revocation tools like [revoke.cash](http://revoke.cash) to safely remove permissions This security incident affects users who interacted with the CoW Protocol platform during the specified timeframe. Taking these steps promptly will help protect your assets from potential unauthorized access.

**CoW Swap users need to take immediate action following a security incident.** **What happened:** - The CoW Swap website (cow.fi) was compromised between approximately 13:00 and 20:00 UTC on April 14 - Users who connected their wallets during this window may be at risk **Required actions:** - Revoke all approvals made on CoW Swap after 14:54 UTC on April 14 - Use tools like [revoke.cash](http://revoke.cash) to easily revoke permissions - Treat your wallet as potentially compromised if you connected during the affected timeframe - Consider moving funds to a new wallet - Never enter your seed phrase anywhere **Timeline note:** The suggested time window (13:00-20:00 UTC) has been padded as an extra precaution. Take action now to protect your assets.