
Did you read the article? USB drives.


I got that, but this part here didn't mention any USB drive...

"We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD," Ruiu said. "At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of the sudden the search function in the registry editor stopped working when we were using it to search for their keys."

Air-gapped and no mention of USB... Magic or just inaccurate description?


One of those "keep reading" things to keep your interest, I suppose. A journalism thing?

"For most of the three years that Ruiu has been wrestling with badBIOS, its infection mechanism remained a mystery. A month or two ago, after buying a new computer, he noticed that it was almost immediately infected as soon as he plugged one of his USB drives into it. He soon theorized that infected computers have the ability to contaminate USB devices and vice versa."


I think they mean to say it was a computer that was previously infected and then air-gapped, wiped and reinstalled. But because the executable load is in the BIOS, it persisted and reestablished communication with its peer via HF audio.


From what I understood, audio cannot serve as a first infection vector, but it could serve as a reinfection vector even when the BIOS was flashed, as the malware apparently also infects the Realtek audio chip software (according to what he reports on G+).

That would explain this scenario: the malware has been erased from the disk and the BIOS, but still lives in the audio chip, downloads a new payload through the high frequency connection, and boom, the computer is infected again.

See https://plus.google.com/u/0/103470457057356043365/posts/3reW...
