This sounds like complete BS. Don 't these hardware devices use embedded OSes embedded in EPROMS or EEPROMS? I wouldn't think they could get a virus from a PC. This sounds more like deliberate sabotage performed much further upstream when the vendor gets the golden master to load into the devices during manufacture. There is huge money in the spam "industry" and large global gangs drive the technology. I suspect that somebody in engineering pinched the object code to be loaded into the devices and sent it to the spam gang where it was decompiled, the virus inserted and then recompiled. The engineer then substituted the modified object code from the spam gang for the original object code. My bet is that you'll find engineer(s) and their managers on the take in China. This is not a casual accident and money is changing hands. The big surprise is the US companies are not checking the code on the finished devices against their master or comparing simple checksums.
“This sounds like complete BS. Don ‘t these hardware devices use embedded OSes embedded in EPROMS or EEPROMS?”
Yes, but I expect most of them when plugged into a PC just appear as USB mass-storage devices to the PC. Resident viruses on the PC would be watching for any such devices to be attached and copy themselves to it. That’s not to say the infections aren’t deliberate, however...
-YYZ- offers the best explanation. Devices like iPods and flash memory sticks are usually pre-formatted for use with Windows or Mac systems. They will appear as mass storage devices when plugged in. So, what’s probably happening is that the testbed PCs at the point of manufacture are running Windows and are infested with malware. The malware is probably copying itself to the devices as they are tested using the PCs.