Also, it can be on your router which you use to connect to the network.

There was a really widespread vulnerability discovered a little over month ago which was affecting significant number of home routers: http://www.pcworld.com/article/2097903/asus-linksys-router-exploits-tell-us-home-networking-is-the-vulnerability-story-of-2014.html

It's hard to use to steal coins as all cryptocoin-related traffic is encrypted with the exception of mining. Maybe someone started using this vulnerability to hijack cryptocoin miners?

Anyone heard about this issue among users of non-multi-coin pools?