Below is the function from the ERC20 contract which had the initial vulnerability. Also, a link to view the code for yourself on etherscan. Just do ctrl+f search for the batch transfer function on the contract page.
The issue with the batchTransfer() function is it’s performing a balance check against the amount on line 11 but that amount value comes from a mathematical operation on line 9 which has an overflow vulnerability.
You will see that the amount results from multiplying the length of the array times the value being sent. Since there are no checks that this mathematical operation does not overflow to a value lower than our balance, we can easily set the amount to 0 using a very large number as our _value.
When the actual balances are updated on line 15, we are not using the amount of 0, but instead we are using the initial large _value sent to the function, but this time there is no multiplication, so it does not cause an overflow, it only updates the value to a very large number.