Yeah, this is inevitable, because if you look at the perfect method for getting malware onto your PC it would be: a website that you go to and then allow processes from that site to run on your PC. Couldn't be better!
I guess I'd score the perfect trojan insert method like this:
1. A game site - you go there and say "OK run this stuff on my machine"
2. IM - you turn on instant messenger and open your PC up to the entire Net. Excellent. Using IM + bad firewall and bad a/s = botnet slave.
3. Screensavers - you download an executable and run it. Made in who knows where. It runs when the PC is idle and you're not on the machine. Perfect.
So like you say, online games need A1 security before you go there.