CoW Swap issues statement on attack: domain subjected to social engineering attack, control of the cow.fi domain has now been regained.

Foresight News reports that CoW Swap announced on Twitter that it has regained control of the cow.fi domain and has been operating normally on cow.finance for some time, and is now gradually transitioning back to the original domain. According to the official statement, on April 14, the attacker deceived the DNS registrar by forging documents to obtain control of the cow.fi domain. The attacker deployed a highly realistic phishing website, implementing the attack in two stages: first, tricking users into signing malicious transactions through a wallet drainer, and then stealing mnemonic phrases and passwords via fake wallet pop-ups. This attack targeted the domain registrar and did not involve CoW Swap’s own infrastructure or any private key leaks. Affected users are advised to use tools such as Revoke.cash to revoke all approvals and consider transferring funds to a new wallet.