OK...I'm gonna put my Satoshi in here, and then get off the forum for a while...not getting anything done otherwise. Security is my "thing."

Someone had to access your PC to manipulate your wallet, and it could have been done either via the net or in person. It could have been done simply by (1) having physical access to your machine, or (2) accessing it through the 'Net, and your router didn't catch it. Since this caper would not require them to add any software, Linux (Ubuntu in my instance) would NOT pop up a window asking for your system password; Windows would care less unless something tripped one of its myriad switches, as it would not be seen as a "code change" and trigger UAC (I guess you can tell I'm not fond of MS). Summarily, they would have simply had to transfer your wallet.dat file, and then could have done whatever they wanted with it unless you had it encrypted. It doesn't really matter which flavor of wallet, or even OS, you use...it's just that you must encrypt the wallet for it to be really safe.

Peace

EDIT: I would not use a remote wallet under any circumstances, except for my exchange...and I only keep enough in there to cover my draws. The only really secure place for it is on your PC's HDD or whatever...LOCAL. BTW...I just use the Bitcoin Core's wallet. I don't want to mess with the integration headaches that apps like Armory create.

Sorry. Now I'm outta here until tomorrow.