Malicious DApp
Moderate
A decentralized application designed to trick users into signing transactions that drain their wallet or grant unlimited token approvals to attacker-controlled contracts. Malicious DApps often impersonate legitimate protocols through typosquatted domains or compromised front-ends. SSP's co-signing model provides a second review point: both devices must confirm the transaction data before it is broadcast.