At 06:42 PM 2/12/2014, Peter Gutmann wrote:
http://www.livehacking.com/tag/network-card-backdoor/
Proof of concept was been proven in 2010. Practical application is probably being done by now. Somebody is asleep behind the wheel if it is not.
It was demonstrated well before then, Arrigo Triulzi had demonstrated running an SSH server inside a NIC several years earlier.
Back in the mid-80s I ran a secure computer center (with a huge VAX 11/780 :-) and the Army/DoD/NIST rules for secure computers needed to know who wrote the channel programs that the computer was using. Channels were a mainframe thing, which predated the VAX; the closest equivalent we had was a KMC11 processor that sat in the Unibus and handled interrupts and cooked-mode input for the serial cards. So yes, proofs of concept have been around for a while :-)