New Gold Protocol Hacked for $2M Due to Smart Contract Flaw
The decentralized protocol New Gold Protocol (NGP), operating on the BNB Chain, has fallen victim to an attack in which perpetrators siphoned approximately $2 million from the liquidity pool of its native token. The incident was traced to a vulnerability in the protocol’s price-determination mechanism.
According to Blockaid, attackers exploited a flaw in the getPrice() function of the smart contract. This method calculated the token’s value directly from the reserves of a Uniswap V2 pair—a highly unreliable approach, as the resulting “spot” price could be artificially manipulated within a single transaction using a flash loan. The attacker temporarily borrowed a substantial amount of assets, executed a large-scale swap, and altered the balance of the mainPair pool. The share of USDT surged while the NGP reserve dwindled, causing the function to return a deflated price. This, in turn, allowed the attacker to bypass transaction size limits and acquire vast amounts of tokens at a fictitiously low rate.
PeckShield reported that the stolen funds were swiftly funneled through the Tornado Cash mixer. In the aftermath, the token’s value plummeted by 88% in under an hour. Experts warn that this issue is systemic: relying on a single source of pricing data leaves protocols dangerously exposed to such manipulations.
The case reflects a broader trend of escalating attacks on DeFi platforms. Just a week earlier, the Nemo Protocol on the Sui blockchain was compromised after unaudited code changes enabled criminals to drain $2.4 million. According to Chainalysis, hackers stole more than $2 billion from crypto services in the first half of 2025 alone—already surpassing figures for the same period in previous years. The scale of digital theft continues to rise, with smart contracts persisting as one of the most vulnerable fault lines in decentralized finance infrastructure.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
