[moutarde]

If this malware is actually real then exploiting a large variety of different USB stacks (whether it's done via the the BIOS or OS stack) seems implausible. Maybe the flashed usb stick either:

1) Hides a bootloader on the devive that runs at reboot (assuming the BIOS allows it).

2) Pretends to be some kind of device (that most OS's have stock drivers for) that allows it to access main memory. Maybe it pretends to be a USB to firewire bridge (or something similar that gives it DMA).

[mschuster91]

Oh, it's just three or four USB stacks you have to mess up: 1) Windows (hey, they've found bugs exploitable in every Windows from 95/98 up to 7!), 2) Linux, 3/4) Phoenix/Award BIOS.

Assuming a government is the adversary (and we ALL know that the NSA sits on a very comprehensive list of exploits!), then this part is actually the easiest.

[moutarde]

It's not just four stacks (or more, because the article also mentions Apple Macs and BSD) that you have to "mess up". You also have to mess them up in such a way that you can exploit them without a disk even being mounted. That four/five/six stacks are all exploitable to this extent because of buffer overruns (or similar) seems implausible.