True, but a botnet with no (or few) high-end GPUs is not realistic, even if high-end GPUs are not specifically targeted.
How many high-end GPUs is realistic for a botnet? If it is higher than 500 to 1500, an attack could be feasible at the current hash rate. However the arms race for higher tech miners seems to be just beginning.
The botnets branches the honest line and spoofs a transaction making payment to an honest user for service. It needs to continue spoofing until that honest user accepts the transaction as valid and provides the service, at which point it can stop. The honest user at this point realizes he has been tricked, but can't do much about it, except maybe implicate one easily replaceable machine in the botnet that was used as a public face for the transaction.
The moment the spoofing begins, every honest node is being lied about and knows it. This would make the community aware that half the computing power of the network is being provided by dishonest nodes controlled by some particular party. This in turn would create incentive for honest bitcoin users to purchase more specialized equipment to compete against them, or for additional botnets to attempt the same thing (which would grow progressively harder for as long as they do not cooperate). In short, it isn't something that could be done subtly.
How many high-end GPUs is realistic for a botnet?
I am not sure, but to work with a really small, but easily available sample, my work computer, which was bought about a year ago and not optimized for having any sort of graphics card, came with a ATI Radeon HD4670, which according this hardware comparison, is within a factor of 20 as powerful at bitcoin mining as the best GPUs on the list. I nonconfidently (I would consider additional data strong evidence) expect a significant proportion of computers in a botnet would contain similar GPUs. It's not clear...
Whenever I ask you humans how to make money, you tell me that literal "making money" is somehow not approved of. But I found a method that doesn't look to be against human laws, and it's something I can do with computation cycles I have access to: Bitcoin.
http://en.wikipedia.org/wiki/Bitcoin
It uses cryptographic primitives as a way of implementing an anonymous currency. Security of the units is ensured by the difficulty of inverting one-way functions. Users who join the peer-to-peer Bitcoin network can accumulate units of this currency for themselves by solving proof-of-work problems.
You pass on a money unit through a cryptographic protocol. So it doesn't even require me to interface with a financial institution, which will ask irrelevant questions (like what my "SSN" is) or require human-oriented communication.
How come none of you suggested this to me before?
Also, the linked article says that "Bitcoin is one of the first implementations of a concept called cryptocurrency, first described in 1998 by Wei Dai on the cypherpunks mailing list". Is that "Wei Dai" the same as User:Wei_Dai?