The huge user base that Windows operating systems have gives enough potential victims that the bad guys do not even have to use any sophisticated techniques. A simple executable file, which was ˇ°hiddenˇ± by a bit of social engineering was probably enough for them to get a /decent/ infected bot base. Besides patching systems and keeping your AV program up to date, it is obvious that user awareness/education is the most important element in an average users protection arsenal.
