BNB Chain’s DeFi scene faced turbulence after attackers exploited the NGP protocol and siphoned off roughly $2 million in crypto. The exploit triggered a sharp token price drop and sent holders scrambling for information.
Security teams flagged the transactions almost immediately, but the attacker still converted the funds to ETH.
The stolen assets were bridged to Ethereum, then routed through Tornado Cash. Investigations are ongoing, with security firms warning other DeFi teams to review similar vulnerabilities.
According to data flagged by Blockaid, the attack targeted NGP’s price calculation mechanism.
The exploit centered on the contract’s getPrice() function, which used reserves from a single liquidity pool to determine the token price. This dependency left the protocol open to manipulation.
Attackers used a flash loan to distort the reserves in the Uniswap V2 pair.
By inflating the USDT side of the pool and reducing the token side, they temporarily made the token price appear much lower. This allowed them to bypass the maxBuyAmountInUsdt check built into the contract.
Once past the buy limit, the exploiter bought large volumes of NGP tokens before restoring the pool to normal levels.
After repaying the flash loan, the attacker pocketed the profit in a single transaction. This attack vector is common in protocols that rely on a single DEX spot price without an oracle safeguard.
The breach caused a sharp decline in the token’s price within minutes. Holders attempting to exit found liquidity drained, causing wider panic selling across decentralized exchanges.
Community Alert:
Blockaid’s exploit detection system identified multiple malicious transactions targeting the NGP token on BSC.
Roughly $2M has been drained.↓ We’re monitoring in real time and will share updates below pic.twitter.com/efxXma0REQ
— Blockaid (@blockaid_) September 17, 2025
Blockchain data shows the attacker converted the stolen tokens to ETH shortly after execution.
The assets were then bridged from BNB Chain to Ethereum, leaving NGP liquidity pools under stress. The final transfers were traced to Tornado Cash, where the funds currently remain.
Blockaid confirmed their exploit detection system was monitoring the attacker’s wallets in real time. They urged users to avoid interacting with suspicious contracts until a fix is deployed. The exploit is still under investigation, and developers have not yet announced a recovery or patch timeline.
Security experts are calling for multi-source oracle solutions to prevent similar exploits. Using only a single pool price has proven risky for protocols under heavy on-chain liquidity activity. Developers may now face pressure to upgrade price feeds before liquidity returns.
The post NGP Protocol Exploit on BNB Chain Drains $2M, Price Collapses as Funds Move Through Tornado Cash appeared first on Blockonomi.
Also read: US Federal Reserve Cut Rate; BTC Price and ETH Price Commence Upticks
