The attacker began by withdrawing funds using Tornado Cash, which enables users to transfer crypto without leaving a trace. After transferring the funds to the Fuse network, the borrower used them as collateral to take out loans on Ola’s decentralized lending platform. Taking advantage of the re-entrancy bug, the attacker was then able to remove the collateral without first paying back the loan.
Source: https://www.coindesk.com/tech/2022/03/31/ola-finance-exploited-for-36m-in-re-entrancy-attack/?utm_medium=referral&utm_source=rss&utm_campaign=headlines