The New Gold Protocol has been exploited for $2M after an attacker manipulated its price oracle with a flash load, leading the asset to collapse by 88%.
New Gold Protocol, a DeFi staking project, lost around 443.8 Ethereum ETH $4 599 24h volatility: 2.2% Market cap: $555.19 B Vol. 24h: $42.83 B , valued at $2 million, in an exploit on Sept 18. The attack caused the project’s native NGP token to crash by 88%, wiping out most of its market value in less than an hour.
The incident was flagged by multiple blockchain security firms, including PeckShield and Blockaid. Both firms confirmed the amount stolen and tracked the movement of the funds. Blockaid’s analysis identified the specific vulnerability that the attacker used.
🚨 Community Alert:
Blockaid’s exploit detection system identified multiple malicious transactions targeting the NGP token on BSC.
Roughly $2M has been drained.↓ We’re monitoring in real time and will share updates below pic.twitter.com/efxXma0REQ
— Blockaid (@blockaid_) September 17, 2025
Flash Loan Attack Manipulated Price Oracle
According to the Blockaid report, the hack was a price oracle manipulation attack. The protocol’s smart contract had a critical flaw; it determined the NGP token’s price by looking at the asset reserves in a single Uniswap liquidity pool. This method is insecure because a single pool’s price can be easily manipulated.
The attacker used a flash loan to borrow a large amount of assets. A flash loan consists of a series of transactions that borrow and return a loan within the same transaction. They used these assets to temporarily skew the reserves in the liquidity pool, tricking the protocol into thinking the NGP token was nearly worthless. This allowed the hacker to bypass a maximum purchase limit and buy a huge number of NGP tokens at minimal prices.
The next transactions in the chain, reversed the initial trade and repaid the flash loan, netting the hacker a 443.8 ETH profit. The funds were then taken to the Ethereum network and deposited into the Torando Cash mixer to obfuscate the trail.
This exploit highlights several red flags that surrounded the project. Unlike legitimate, audited tokens, NGP operated with little transparency and was plagued by extremely low trading volume. This incident is part of a larger pattern, as reports show that rising crypto hacks are becoming more frequent. It also adds to the debate over developer liability, a topic that crypto firms urge lawmakers to address.
next