They didn't say how it is installed; only what it does once it is. I can't find any info on how it gets onto a system. A trojan would be the simplest way, but a browser vulnerability is a possibility as well.Yes they do
Looks like it hides itself as a JavaW app and needs installing just as any malware does.
More interestingly if the command method has been intercepted (both the reddit search and the listed ip's can be blocked now), then the botnet is fatally compromised.