I'm willing to bet these are all windows users. What will it take to dispel the belief that running an Anti-Virus program protects them from trojans.. Even in the reddit AMA with the botnet operator, the guy said he uses techniques to keep his bots FUD (fully un-detectable) from AV programs. Going after mtgox passwords (or passwords for other bitcoin services) from trojan keyloggers is the absolute easiest way for them to get money, easier than credit card numbers, bank logins, or anything else. Probably wasn't that common last year, but by now it must be the first thing any botnet operator would search for in their logs.