detection icon

Short bio

Exploit.ROPGadgetAttack is Malwarebytes’ detection name for attacks that attempt to use Return Oriented Programming (ROP) gadgets.


Exploit.ROPGadgetAttack detects and prevents Return Oriented Programming (ROP) gadgets when a Windows API is called. Provisions are made for individualized protection of “CALL” and “RET” instructions. By using a ROP attack a threat actor tries to gain control of the call stack and hijack a program’s control flow and then execute specifically chosen machine instruction sequences that are already present in the machine’s memory, called gadgets. Chained together, these gadgets allow the threat actor to perform arbitrary operations on an affected system.


Malwarebytes protects your system(s) by detecting attempts to use ROP gadgets

ROP gadget attack blocked

Exploit ROP gadget attack blocked