Briefing

The New Gold Protocol (NGP) on the BNB Chain was exploited for approximately $2 million (443.8 ETH) on September 18, 2025, through a sophisticated price oracle manipulation attack. This incident leveraged a critical flaw in NGP’s smart contract, specifically its reliance on a single Uniswap V2 liquidity pool for token pricing, making it susceptible to flash loan-induced price distortions. The immediate consequence was an 88% crash in the NGP token’s value, with the stolen funds subsequently routed through Tornado Cash, severely complicating recovery efforts.

Context

Prior to this incident, the DeFi ecosystem has faced persistent risks from protocols relying on insecure price oracles, a known class of vulnerability. Many projects, particularly those with lower liquidity or minimal auditing, often utilize single-source price feeds from decentralized exchanges (DEXs), creating an easily manipulable attack surface. This architectural oversight allows for rapid, temporary price manipulation within a single atomic transaction, a vector frequently exploited by sophisticated threat actors.

Analysis

The incident’s technical mechanics centered on the NGP smart contract’s getPrice() function, which determined the NGP token’s value solely from its reserves within a Uniswap V2 liquidity pool. An attacker initiated a flash loan, temporarily borrowing a substantial amount of assets without collateral. This borrowed capital was then used to execute a swap that artificially inflated the USDT reserves while draining NGP tokens from the mainPair pool, causing the getPrice() function to report a drastically deflated NGP token price. With the price oracle compromised, the attacker bypassed the contract’s transaction limits, acquired a large volume of NGP tokens at a manipulated low price, repaid the flash loan, and extracted approximately $2 million in profit.

Parameters

  • Protocol Targeted ∞ New Gold Protocol (NGP)
  • Attack Vector ∞ Price Oracle Manipulation via Flash Loan
  • Financial Impact ∞ ~$2 Million (443.8 ETH)
  • Affected Blockchain ∞ BNB Chain
  • Vulnerable Component ∞ getPrice() function relying on single Uniswap V2 pool
  • Token Impact ∞ NGP token price plummeted 88%
  • Post-Exploit Activity ∞ Funds routed through Tornado Cash
  • Security Firms Involved ∞ Blockaid, PeckShield

Outlook

To mitigate similar risks, protocols must adopt robust, multi-source price oracle solutions and undergo rigorous, independent security audits to identify and rectify such vulnerabilities. Users should exercise extreme caution with new or unaudited DeFi projects, prioritizing those with transparent security postures and decentralized governance. This exploit underscores the ongoing need for the DeFi ecosystem to evolve its security best practices, emphasizing resilience against sophisticated on-chain manipulation tactics.
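
The single-pool weakness described in the Analysis and one common hardening for it, as an added example that is not NGP's code or its fix: a Python model of a constant-product pool in which the spot price read from reserves moves within one transaction, while a time-weighted average (modelled on Uniswap V2's cumulative price accumulator) does not. The reserve sizes, the 30-minute window and the 5% tolerance are constructed assumptions, and `Pool`, `twap`, `guarded_price` and `demo` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product pool (x * y = k); swap fees ignored for clarity."""
    usdt: float
    ngp: float
    last_ts: int = 0
    cumulative: float = 0.0  # sum of price * seconds, like V2's price0CumulativeLast

    def spot(self) -> float:
        """USDT per NGP read straight from current reserves."""
        return self.usdt / self.ngp

    def accrue(self, now: int) -> float:
        """Credit the price held since the last update; return the accumulator."""
        self.cumulative += self.spot() * (now - self.last_ts)
        self.last_ts = now
        return self.cumulative

    def swap(self, now: int, usdt_in: float = 0.0, ngp_in: float = 0.0) -> None:
        """Add one side's input and shrink the other so k stays constant."""
        self.accrue(now)
        k = self.usdt * self.ngp
        if usdt_in:
            self.usdt += usdt_in
            self.ngp = k / self.usdt
        else:
            self.ngp += ngp_in
            self.usdt = k / self.ngp

def twap(pool, start_cum, start_ts, now) -> float:
    """Time-weighted average price over [start_ts, now]."""
    return (pool.accrue(now) - start_cum) / (now - start_ts)

def guarded_price(pool, start_cum, start_ts, now, max_dev=0.05) -> float:
    """Return the TWAP; refuse to price if spot has diverged from it."""
    avg = twap(pool, start_cum, start_ts, now)
    if abs(pool.spot() - avg) / avg > max_dev:
        raise ValueError("spot deviates from TWAP beyond tolerance")
    return avg

def demo(usdt_in=0.0, ngp_in=0.0):
    """Constructed scenario: price steady at 1.0 for 30 min, then one swap."""
    pool = Pool(usdt=1_000_000.0, ngp=1_000_000.0)
    start_cum = pool.accrue(0)
    pool.swap(1800, usdt_in=usdt_in, ngp_in=ngp_in)
    return pool, start_cum
```

Window length and tolerance are tuning choices. A TWAP over a thin pool can still be moved by sustained trading across blocks, which is why a multi-source oracle goes further than this check.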

The New Gold Protocol Exploit Serves as a Stark Reminder That Single-Point Oracle Dependencies Remain a Critical Systemic Vulnerability, Demanding Immediate Architectural Remediation across the DeFi Landscape.

Signal Acquired from ∞ Crypto Economy

Micro Crypto News Feeds

oracle manipulation

Definition ∞ Oracle manipulation is a type of attack where the data provided by a blockchain oracle is deliberately falsified or corrupted.

defi ecosystem

Definition ∞ The DeFi Ecosystem refers to the interconnected network of decentralized finance applications and protocols built on blockchain technology.

liquidity pool

Definition ∞ A liquidity pool is a collection of cryptocurrency tokens locked in a smart contract, typically used to facilitate decentralized trading.

protocol

Definition ∞ A protocol is a set of rules governing data exchange or communication between systems.

price oracle

Definition ∞ A price oracle is a digital service that provides external price data to smart contracts on a blockchain.

bnb chain

Definition ∞ BNB Chain is a decentralized blockchain network that supports smart contracts and decentralized applications.

token price

Definition ∞ Token price represents the current market value of a specific digital asset, typically denominated in a base currency like USD or another cryptocurrency.

tornado cash

Definition ∞ Tornado Cash is a decentralized cryptocurrency mixing service designed to enhance user privacy by obscuring the transaction history of digital assets.

security

Definition ∞ Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.