New Crypto Launch Turns Sour: $1.9M Lost in DeFi 3.0 Flash Loan Attack
The new Gold Protocol (NGP), a newly-launched, AI-driven staking solution for decentralized finance (DeFi), fell victim to a devastating attack on September 18, 2025. Approximately $1.9 million in cryptocurrencies vanished within hours of the platform’s debut.
What went Wrong?
The culprit exploited bugs in NGP’s design. By manipulating oracles—price feeds—and tapping into flash loans—a loan service requiring repayment within the same transaction—the hacker inflated NGP token values artificially.
Flash loans allow borrowers to acquire digital assets instantly without putting up collateral. The体型rs used this loophole to purchase abnormal amounts of NGP tokens, overwhelming the market and raising prices rapidly. Once the market value spiked,they sold NGP for another stable asset,thus emptying the protocol’s treasury in minutes.
- NGP launched as a “DeFi 3.0” solution on the Binance Smart Chain.
- Aimed to combat price instability using AI optimization techniques.
- Promised deflationary properties by burning tokens regularly.
The stolen funds went into Tornado Cash, an anonymity-preserving service, leaving law enforcement few clues in identifying the perpetrator. The development team’s silence added to the confusion.
DeFi experts warn this incident highlights critical security vulnerabilities requiring urgent attention to safeguard future launches. Comparisons were drawn to the lightning-fast thefts via similar tactics on protocols like Euler Finance (March 2023), Cream Finance (2021), and more recently Cetus (2025).
This revelation may cast doubts over AI’s role in enhancing DeFi protocols’ durability against malicious exploits. Advocates argue for邂 combined governance and technology for failproof systems capable of countering fraudulent activities and ensuring user protection.
