I am going to focus on the botnet issue because it is the only valid criticism I have seen of XMR among pages and pages of anti-XMR posts. As fluffypony has correctly pointed out above, virtually every POW coin and all POS coins are vulnerable to this. The notable exceptions at this point are XBT, and coins such as NMC that are merged mined with XBT, because of ASIC mining. To understand and deal with this issue we must go to the root cause and recognize a fundamental flaw in distributed crypto currency models:
The solution here is to move the functions critical to the security of a coin away from DRM infected proprietary operating systems such as Microsoft Windows to FLOSS operating systems such as GNU/Linux. In particular with a POW coin this means mining. This can be accomplished in a CPU / GPU coin by developing, releasing and supporting mining software only on GNU/Linux, and even going as far as avoiding cross platform development tools for the mining components, making the mining software highly optimized for GNU/Linux. Targeting the ARM platform for mining is also a possibility. The idea is to make mining the coin far more efficient on GNU/Linux than on Microsoft Windows, thereby putting botnets at a significant disadvantage.
This excludes the vast majority, including over 98% of desktop / laptop computers running proprietary Microsoft Windows or OS X
Since when do people not get root access on OSX or have control of their system? Sure, Apple has a walled garden with Gatekeeper and AMFI by default; a user can override this if they wish. It's not really DRM as much as it is codesigning enforcement.
All coins are of course vulnerable to botnet mining, CPU coins especially so. The largest XMR miner on minergate, botnet also. There are numerous ones mining XMR, and more will come for sure as the coin increases in value & exposure. I don't see it as a huge issue personally; botherders tend to dump regularly instead of hoarding. In some cases the market will feel no impact, because a smart accumulator comes along with some webmoney to speak with; for all he knows it is an AWS miner. Trying (and failing) to relegate CPU/GPU PoW on 'gnu/linux' rather than windows won't fix anything in the long term, and it simply creates an uneven playing field and diminishes the user base.
Actually, coins that are mined with ASICs and FPGAs are not vulnerable, since these devices run GNU/Linux. To have control of one's computing devices one needs both root (obviously) and a FLOSS OS, since a proprietary OS involves trusting the OS vendor, typically a large corporation, that there are no "malicious features" in the OS. If furthermore the OS is infected with DRM, security analysis of the OS becomes illegal because of anti-circumvention laws. This discourages the good guys but not the bad guys. The bottom line here is that an OS vendor can either make the security and privacy of the end user paramount or the security and greed of organizations such as the MPAA, NFL etc. paramount, but not both. One simply cannot serve two masters, and no matter how hard Microsoft or Apple tries they will fail to protect the end user.
GNU/Linux is FLOSS and also has enough GPLv3 code deep inside the OS to ensure that the owner of the has to be provided with root access. OS X comes close for historical reasons, since it does have a fair amount of FLOSS in the OS and the "owner" of an Apple PC is still granted access to root by Apple. The problem here is that Apple has built a hugely successful business around DRM infected locked down devices in iOS. Furthermore, code signing is how DRM is enforced in iOS, and it is a Gatekeeper "upgrade" away in OS X. In the meantime any GNU/Linux optimized code can easily be ported to OS X.
Microsoft Windows is another matter. The operating system source code is a closely guarded secret when it comes to individuals and small business, but it is provided on a regular basis to "trusted" partners such as the NSA (United States), the FSB (Russia), the PLA (China), and a host of other governments and large corporations. Microsoft is also a founding member of PRISM: https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%29. If you are a Microsoft Windows user I suggest reading the EULA, in particular the section on "malicious software". Who determines if software is malicious?
If one clicks "I agree" on the EULA one has given permission to Microsoft to remove crypto-currency software including files such as wallet.dat, wallet.bin etc., should a crypto-currency be deemed "malicious" by a government or by Microsoft itself. When it comes to POW coins it is very important to recognize that most users do not need to be securing the network. All that is needed for this task is a widely distributed group of individuals that have complete control over their computing devices. It is for this reason that when it comes to mining the use of GNU/Linux must be encouraged and the use of Microsoft Windows discouraged. The objective here is to create a strong enough network of secure computers mining on GNU/Linux rather than to try to prevent mining on Microsoft Windows. Regular users should of course be able to use Microsoft Windows, just as they should be able to provide their private keys to the NSA, the FSB, the PLA, etc. if they should also choose.
Edit: Windows botnets are really a symptom of a much worse problem.