Windows is, of course, the target platform of choice but that has more to do with market share than security, IMO. I haven’t been able to find any good info on whether Vista will put a dent in this or not. I can’t imagine it will–after all, there are plenty of exploits against *nixes and they’ve had a better security model for decades.
The trend is towards more organization/centralization of the criminal elements combined with active decentralization of the technology infrastructure to evade detection/shutdown. It begs the question of the type of entity that can go after these businesses.
From an investment standpoint, the real opportunities are in approaches that would circumvent the problem of hijacked machines through a combination of trusted computing and virtualization. vThere (from our portfolio company Sentillion) is a step in the right direction.