A couple of things to note about the games aspect.
First, the illicit market for in-game assets ("gold selling") is over a billion dollars a year in transactions. Most of this comes from compromised accounts, and a billion dollars is enough to catch the interest of the cybercrime "big boys"; the moreso because law enforcement isn't going to do anything about it.
Secondly, video game hacks are every bit as effective an entry point into your computer as a poisoned PDF or Java exploit; even better, actually, since the bad guy knows for sure that the software to be exploited is installed on your computer. Once you're compromised, the key loggers will happily record your online banking and finance transactions, the botnet clients will have you sending out goat porn, and your computer will be participating in DDoS attacks. It doesn't matter how you became compromised; the result is the same. You no longer own your computer, and the bad guys can then use it for anything they way.
And let's not even talk about the common practice of using the same email address/password combination in video game logins as elsewhere...