http://www.avgthreatlabs.com/webthreats/info/blackhole-exploit-kit/
Statistics summary
Blackhole Exploit Kit is a threat that is spreading. It is currently ranked 1 in the world for online threats. Blackhole Exploit Kit has been detected by AVG on victims' machines in 214 countries during the last month. There are currently 46306 websites in 126 countries that host Blackhole Exploit Kit.
http://blogs.avg.com/news-threats/threat-encyclopedia-blackhole-exploit-kit/
What does a Blackhole Exploit Kit do?
A Blackhole Exploit Kit can be thought of as an All-In-One kit for malware owners of all levels to attack computers.
Rather than directly attacking an infected computer, a Blackhole Exploit Kit determines what is on the victim’s computer and loads all exploits that this computer is vulnerable to. This can result in stolen personal information and downloading of further malware including Trojans without the user’s knowledge or consent.
The exploits that the Blackhole Exploit Kit is looking for can be as basic as old versions of browsers and ubiquitous software such as Java, Adobe Flash and Adobe Reader.
Commercialization of crimeware
Blackhole creators ‘commercialized’ their product by providing a subscription-based service. Budding cybercriminal buy the rootkit and then try and sell it on to recoup their investment and are therefore also breaking the law.
But what is really interesting is that the Blackhole creators have found a novel way to hold onto the money stream by releasing updates to subscribers only and thereby reducing the numbers of non-paying customers.
Due to the illegality of the practice, it is reasonable to assume that the Blackhole creators expect some of their customers to redistribute or resell copies of the tool kit that they purchased. This is software piracy but because the software itself is illegal, it is not possible to seek legal redress through the normal legal channels.