CoW Swap DNS Hijack
Check if your address is affected.
On the 14th of April 2026, malicious actors were able to compromise the DNS records of the popular DEX CoW Swap. This allowed them to redirect users to a malicious website that stole users' funds. We've made a list of addresses that we know belong to the attackers, but keep in mind that there might be more, so even if the exploit checker shows no results, do make sure to check for any approvals made on the 14th of April.
Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.
Next time, revoke it automatically
Revoke Ultimate monitors your approvals around the clock and revokes them automatically when an exploit like this one is identified, even while you sleep.
See how Auto-Revoking works →