The company’s distribution system was hacked right before messages endorsing a rival “sleep with a stranger” site were sent to many of its one million members.
The email headed "Site Improvements" appeared to prompt recipients towards the rival paid service Airbnb.
CouchSurfing hosts and guests do not exchange money.
“Indications are that the attempted XSRF attack (cross-site request forgery) was not successful,” the Register reports.
Couchsurfing declined to on whether the offending emails pushed maliciouscode.
In a statement on its support site, the company "apologised for any confusion" the incident may have caused.
Couchsurfing said that "member data was not exposed.”