Exploit.ROPGadgetAttack

detection icon

Short bio

Exploit.ROPGadgetAttack is Malwarebytes’ detection name for attacks that attempt to use Return Oriented Programming (ROP) gadgets.

Technique

Exploit.ROPGadgetAttack detects and prevents Return Oriented Programming (ROP) gadgets when a Windows API is called. Provisions are made for individualized protection of “CALL” and “RET” instructions. By using a ROP attack a threat actor tries to gain control of the call stack and hijack a program’s control flow and then execute specifically chosen machine instruction sequences that are already present in the machine’s memory, called gadgets. Chained together, these gadgets allow the threat actor to perform arbitrary operations on an affected system.

Protection

Malwarebytes protects your system(s) by detecting attempts to use ROP gadgets

ROP gadget attack blocked

Exploit ROP gadget attack blocked

detection icon

Related blog content

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams