Security firm PeckShield reported that the hacker successfully drained roughly 551 BNB off CoW Swap into Tornado Cash, worth around $181,600 at the time of the attack.
Blockchain Surveyor Detects Funds Moving Away from CoW Swap
The decentralized exchange (DEX) protocol suffered a contract exploit that approved fund transfers from the protocol. Blockchain surveyor MevRefund flagged the event and detected that the funds seemed to be moving away from CoW Swap.
The MEV searcher warned the DEX and its users of the exploit in a Twitter thread.
Hacker Invokes Transaction to Approve DAI to SwapGuard
According to Smart contract auditing firm BlockSec, a wallet address was added as a “solver” of CoW Swap by a multisig. The address then invoked the transaction to approve DAI to SwapGuard, leading to SwapGuard transferring DAI from the CoW Swap settlement contract to other addresses.
@CoWSwap your funds appear to be moooving away ...https://t.co/li1NkXNeUp
— MevRefund (@MevRefund) February 7, 2023
CoW Swap Lost Around 551 BNB Worth $181,600
PeckShield estimated that around 551 BNB was lost, worth $181,600 at the time of the attack. The hacker moved the stolen assets to the crypto mixer Tornado Cash.
CoW Swap Urges Users Not to Revoke Approvals
During the attack, some members of the community panicked and urged users to revoke approvals from the DEX. However, the decentralized finance (DeFi) protocol said that this isn’t necessary.
We are aware of an issue that has impacted the fees that CoW Protocol has collected over the past week.
— CoW Swap | Better than the best prices (@CoWSwap) February 7, 2023
We have mitigated the issue and are conducting an investigation.
Traders are in no way affected.
More details to follow.
Recommended reading: 5 Tips for Beginner Bitcoin Traders

(Image credit: logll.com)
Join Our Newsletter
Frequently Asked Questions
FAQ:
What is CoW Swap?
CoW Swap is a decentralized exchange (DEX) protocol that facilitates the buying and selling of digital assets in a decentralized manner, without the need for intermediaries.
Transactions on the platform are conducted using smart contracts and users have full control over their assets, which are stored in their own digital wallets.
What happened in the recent attack on CoW Swap?
In the recent attack on CoW Swap, a hacker successfully drained around 551 BNB from the platform into Tornado Cash. This was achieved through a contract exploit that approved fund transfers from the protocol.
The attack was detected by blockchain surveyor MevRefund, who flagged the event and warned the DEX and its users of the exploit in a Twitter thread.
How did the hacker drain the funds from CoW Swap?
The hacker was able to drain the funds from CoW Swap by adding a wallet address as a "solver" of CoW Swap using a multisig.
This allowed the address to invoke a transaction that approved DAI to SwapGuard, which then transferred DAI from the CoW Swap settlement contract to other addresses.
What was the value of the funds that were drained from CoW Swap?
The funds that were drained from CoW Swap were estimated to be around 551 BNB, which was worth $181,600 at the time of the attack.
What was the reaction of the CoW Swap community to the attack?
In response to the attack, some members of the CoW Swap community panicked and urged users to revoke approvals from the DEX.
However, the decentralized finance (DeFi) protocol said that this wasn't necessary, as the settlement contract which was exploited only had access to the fees that the protocol collected in a week and was unable to directly access user funds without an order signed by users. CoW Swap has not yet responded to Cointelegraph's request for comment.