There were two root causes of the Hundred Finance attack.
First, the project set up two wBTC cTokens, one of which was used by the UI, one of which was empty.
1/4
Today's Hundred Finance attack has a pretty unique attack loop.
Mint, redeem it all - 2, transfer it back to the ctoken contract(!), borrow a lot(!), take the target funds, redeem the big pile of the original currency(!), liquidate the child attack contract, and redeem 1.