According to Golden Finance, Slow Fog posted a statement on X platform that Safe developers' equipment was hacked, resulting in malicious code being injected into the front end, attacks intercepted and transaction parameters were modified. After quick verification, it was found that there was indeed malicious code behind the js file on the Safe front-end. The relevant address (0xbdd077f651ebe7f7b3ce16fe5f2b025be2969516) involved a malicious execution contract that swept away ByBit's 1.5 billion assets.