The Magnitude exploit kit is a type of malicious software toolkit used by cybercriminals to deliver malware through web browsers. It works by redirecting users—often without their knowledge—from a legitimate website to a compromised server that scans their system for vulnerabilities. If it finds one, it exploits the flaw to silently install malware, such as ransomware or banking trojans.
Magnitude was active primarily between 2013 and the late 2010s and was known for targeting outdated versions of browser plugins like Flash and Java. It operated as part of the underground cybercrime economy, often rented out to other attackers.
Since then, its activity has declined due to better browser security, the decline of vulnerable plugins, and law enforcement efforts.