Correct me if I'm wrong, but given the P2P nature of bitcoin, wouldn't it effectively give someone interested in malicious activity a list of target IP addresses? In theory he could set up his own P2P, watch for large transactions, and then he has an ip running a bitcoin client who (potentially) has a large wallet.
Then it's just a matter of running common exploits (or new ones, if you have them) in order to access the machine and the bitcoin wallet.
I've thought about that as well. But I would imagine if you have the technical chops to do that (I'd be interested in seeing a distribution of Mac/Linux/Windows users for BitCoin as well), you'd have the technical chops to get more money from other ways than stealing a few bitcoins. That said if I were a botnet master I'd put in some code to search for a wallet as a 'bonus'.
No, you can make a receiving address without ever connecting to the network. Current clients won't do so (that I'm aware of), but it's entirely possible.
The main reason though is that new addresses aren't broadcast. The only time you know their ___location is when they send, and only if you were watching their traffic / the traffic of all nodes they sent to.
Then it's just a matter of running common exploits (or new ones, if you have them) in order to access the machine and the bitcoin wallet.