
Briefing

The New Gold Protocol (NGP) on the BNB Chain was exploited for approximately $2 million (443.8 ETH) on September 18, 2025, through a sophisticated price oracle manipulation attack. This incident leveraged a critical flaw in NGP’s smart contract, specifically its reliance on a single Uniswap V2 liquidity pool for token pricing, making it susceptible to flash loan-induced price distortions. The immediate consequence was an 88% crash in the NGP token’s value, with the stolen funds subsequently routed through Tornado Cash, severely complicating recovery efforts.


Context

Prior to this incident, the DeFi ecosystem had faced persistent risks from protocols relying on insecure price oracles, a known class of vulnerability. Many projects, particularly those with lower liquidity or minimal auditing, use single-source price feeds from decentralized exchanges (DEXs), creating an easily manipulable attack surface. This architectural oversight allows for rapid, temporary price manipulation within a single atomic transaction, a vector frequently exploited by sophisticated threat actors.


Analysis

The incident’s technical mechanics centered on the NGP smart contract’s getPrice() function, which determined the NGP token’s value solely from its reserves within a Uniswap V2 liquidity pool. An attacker initiated a flash loan, temporarily borrowing a substantial amount of assets without collateral. This borrowed capital was then used to execute a swap that artificially inflated the USDT reserves while draining NGP tokens from the mainPair pool, causing the getPrice() function to report a drastically deflated NGP token price. With the price oracle compromised, the attacker bypassed the contract’s transaction limits, acquired a large volume of NGP tokens at a manipulated low price, repaid the flash loan, and extracted approximately $2 million in profit.
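The reserve-ratio pricing described above, as an added Python model that is not NGP's contract code: a constructed constant-product pool with a Uniswap V2 style cumulative-price accumulator shows how far one large swap moves a spot reading while a time-weighted average over the same window does not move, and a deviation guard rejects the distorted reading. The class V2Pair, the helper names, the reserve figures and the 5% threshold are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class V2Pair:
    """Constant-product pool with a Uniswap V2 style price accumulator (model only)."""
    ngp: float                # reserve of the priced token
    usdt: float               # reserve of the quote token
    ts: int = 0               # time of the last reserve update, in seconds
    cumulative: float = 0.0   # running sum of price * seconds

    def spot(self) -> float:
        # Single-pool reserve ratio: the kind of reading the article attributes to getPrice().
        return self.usdt / self.ngp

    def swap_usdt_in(self, amount: float, now: int) -> float:
        # The accumulator is updated with the PRE-trade price before reserves change.
        self.cumulative += self.spot() * (now - self.ts)
        self.ts = now
        amount_after_fee = amount * 0.997  # 0.3% swap fee
        out = self.ngp * amount_after_fee / (self.usdt + amount_after_fee)
        self.usdt += amount
        self.ngp -= out
        return out

    def observe(self, now: int):
        # Cumulative price as it would read at `now`, paired with the timestamp.
        return self.cumulative + self.spot() * (now - self.ts), now


def twap(start, end) -> float:
    """Time-weighted average price between two observe() snapshots."""
    return (end[0] - start[0]) / (end[1] - start[1])


def price_is_sane(spot: float, reference: float, max_dev: float = 0.05) -> bool:
    """Reject a spot reading that strays more than max_dev from the reference."""
    return abs(spot - reference) / reference <= max_dev


def demo():
    pair = V2Pair(ngp=1_000_000.0, usdt=500_000.0)   # constructed reserves, price 0.5
    start = pair.observe(0)
    pair.swap_usdt_in(5_000_000.0, now=1800)          # one large swap after 30 quiet minutes
    spot_after = pair.spot()
    reference = twap(start, pair.observe(1800))
    return spot_after, reference, price_is_sane(spot_after, reference)


if __name__ == "__main__":
    print(demo())
```

A time-weighted reference resists a move made inside one transaction; it complements, and does not replace, the independent multi-source feeds recommended in the Outlook section.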


Parameters

  • Protocol Targeted ∞ New Gold Protocol (NGP)
  • Attack Vector ∞ Price Oracle Manipulation via Flash Loan
  • Financial Impact ∞ ~$2 Million (443.8 ETH)
  • Affected Blockchain ∞ BNB Chain
  • Vulnerable Component ∞ getPrice() function relying on single Uniswap V2 pool
  • Token Impact ∞ NGP token price plummeted 88%
  • Post-Exploit Activity ∞ Funds routed through Tornado Cash
  • Security Firms Involved ∞ Blockaid, PeckShield


Outlook

To mitigate similar risks, protocols must adopt robust, multi-source price oracle solutions and undergo rigorous, independent security audits to identify and rectify such vulnerabilities. Users should exercise extreme caution with new or unaudited DeFi projects, prioritizing those with transparent security postures and decentralized governance. This exploit underscores the ongoing need for the DeFi ecosystem to evolve its security best practices, emphasizing resilience against sophisticated on-chain manipulation tactics.


The New Gold Protocol Exploit Serves as a Stark Reminder That Single-Point Oracle Dependencies Remain a Critical Systemic Vulnerability, Demanding Immediate Architectural Remediation across the DeFi Landscape.

Signal Acquired from ∞ Crypto Economy


oracle manipulation

Definition ∞ Oracle manipulation is a type of attack where the data provided by a blockchain oracle is deliberately falsified or corrupted.

defi ecosystem

Definition ∞ The DeFi Ecosystem refers to the interconnected network of decentralized finance applications and protocols built on blockchain technology.

liquidity pool

Definition ∞ A liquidity pool is a collection of cryptocurrency tokens locked in a smart contract, typically used to facilitate decentralized trading.

protocol

Definition ∞ A protocol is a set of rules governing data exchange or communication between systems.

price oracle

Definition ∞ A price oracle is a digital service that provides external price data to smart contracts on a blockchain.

bnb chain

Definition ∞ BNB Chain is a decentralized blockchain network that supports smart contracts and decentralized applications.

token price

Definition ∞ Token price represents the current market value of a specific digital asset, typically denominated in a base currency like USD or another cryptocurrency.

tornado cash

Definition ∞ Tornado Cash is a decentralized cryptocurrency mixing service designed to enhance user privacy by obscuring the transaction history of digital assets.

security

Definition ∞ Security refers to the measures and protocols designed to protect assets, networks, and data from unauthorized access, theft, or damage.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.