Hacking devices' firmware

[Book]

Every once in a while, while browsing through various reads, I happen to find some peculiar articles very much like this, and I always wonder one thing - just how easy would it be to infect the various devices' memory with a piece of malware like a sniffer or a keylogger? I surely do not understand most of the above article, so if anyone has any input as to how or most importantly if it can be done (for example, infecting a graphics card), and what possibilities there are (like if the card could possibly infect other systems if moved, how stealthy that would be etc.) I'd very much like to hear it!

[Cool_Fire]

Well, you can theoretically infect hardware, but you'd obviously need some very low level access to the machine to get it loaded. If you can get something into the firmware, the machine will be forever owned though.

The problem is that it's just really impractical, but it can be, and has been done.

[psilocybin]

pretty interesting article, I think it was talking about a local escalation exploit for some remote administration chip that they are putting in business machines (by the same chick that made bluepill). pretty hardcore.

I've thought about infecting the firmware on a computer or embedded device and reselling it as used (or maybe I heard about someone else doing that?). no one would suspect because it's so unheard of. almost enough to make you paranoid.