Infosecurity understands that the kit was recently uploaded to free file-sharing services, and the download link then posted on Hacker News.
The BlackHole exploit kit is a relatively new hacker toolkit, having first appeared in Q3 of last year, with a price tag of $1,500 for 12 months, falling to $200 for one week licence.
According to Hacker News, since the kit appeared last September, it has "quickly been gaining market share over its vast number of competitors."
"In fact, many antivirus vendors now claim that this is one of the most prevalent exploit kits used in the wild. Even the malware domain list (MDL) is showing quite a few domains infected with the BlackHole exploit kit", says the newswire.
"One highly touted feature of BlackHole toolkit is its TDS (Traffic Direction Script) feature. While this is not an entirely new concept in attack toolkits the TDS included here is much more sophisticated and powerful than those in other kits", adds the newswire.
A TDS, says Hacker News, is an engine that allows redirection of traffic through a set of rules. For example, a user can set up a set of rules that redirect traffic flow to different landing pages on their domain.
The Softpedia newswire says that the free availability of BlackHole will not make paying customers very happy.
"Even though their licences include free upgrades and support, they doesn't necessarily justify $1,500 when others have access to the same package for free", says Lucian Constantin, the newswire's editor.
"Just as in the case of the Zeus source code leak, this release is also bad news for Internet users, because it can have dangerous consequences", he said.
"One is that, since anyone can download it, the number of BlackHole attacks will increase. Fortunately, setting up the entire infrastructure needed to pull off very successful attacks is above the abilities of the average cybercriminal" he added.
The second consequence, he goes on to say, is that those knowledgeable enough can modify the kit to suit their particular needs, so creating a number of customised variants.
"As with any drive-by download attack, the best protection against BlackHole attacks is to keep software up to date and to use an antivirus engine with good heuristic detection", says Constantin.