Hmm… that’s an interesting little fragment of a log, but I don’t think a “bandwidth thief” is likely.
The closest thing anyone can (usually) do to “steal” bandwidth from a site is to link directly to a file hosted at that site. For example, if you have an image somewhere, someone else could use an image tag to display it directly off your server. The same goes for movie files, whatever. But unless they’ve hacked into your account or you’ve given visitors a way to upload to your site (unlikely), I don’t think there’s any way they could be allowing people to download a file that you didn’t put there.
What that line means (I think…) is that there were 26 requests from a site that intentionally blocks the referrer info from being sent (that’s very uncommon in my experience). Those requests included three for web pages, and the other 23 must have been for files of some other sort. Since those 26 requests accounted for 76% of the external links (I think those percentages are only for external links), that means that most of the data transferred due to requests from other sites was due to that.
The bottom line depends on what kind of traffic your site gets and what kind of files you have. 26 requests isn’t a lot, but if you don’t get much traffic and you do have some big files (MP3s maybe), then those 26 requests could add up to a lot more bandwidth. If that’s not the case, then it’s probably something else–perhaps more people just suddenly started coming (maybe due to you getting linked or indexed by a search engine).
Check the totals for “Distinct hosts served” and/or the number of Successful Requests for Pages, and see if they’re proportionally higher, too. If not, something might be afoot. If so, maybe it’s just more traffic.
I hope all that helps a bit (rather than just being confusing), and I apologize in advance if I’m wrong about something–I know what I’m doing, but I’m not a pro.