
Blackhole Exploit Kit

From , former About.com Guide

The Blackhole exploit kit is a framework for delivering exploits via compromised or third-party websites. Most notable for its sophisticated Traffic Direction Script (TDS), the Blackhole exploit kit enables attackers to configure rules that enforce custom responses. For example, the Blackhole exploit kit can deliver different malware depending on the victim's operating system, geographical location, time of day, or other criteria specified by the attacker.

In a typical scenario, a user would visit a legitimate but compromised website that had been outfitted with an iframe or external reference pointing to the Blackhole exploit site. (For an explanation, see Website Compromises: Understanding Web Malware.) This invisible call would result in exploits and malware being delivered silently while the user browses the legitimate but compromised website. There would be no external sign; that is, the victim would not be forcibly redirected. They would remain on the legitimate site and likely be unaware of the malware loading in the background.

The Blackhole exploit kit has gained wide adoption and is currently one of the most common exploit frameworks used for Web-based malware delivery. TippingPoint researcher Alen Puzic provides an in-depth explanation of the drivers leading to Blackhole's adoption.

Note that the Blackhole exploit kit should not be confused with BlackHole RAT, a remote administration tool that can also serve as a remote access trojan.

©2012 About.com. All rights reserved.
