I agree. I call bullshit.
What he describes is plausible, especially if the flash is socketed. But, not bloody likely. Considering that this malware would have to add itself to the existing flash image as an option rom or by infecting and rewriting part of the bios code and then writing that back to the rom.. Unless this was a targeted attack, the malware author would have to work out logic for each one of the major base BIOSes in use - phoenix, award, dell, lenovo, etc to be able to infect them. This is ignoring lots of machines which prevent either prevent rewriting the flash without physical access or require the new system image to be signed. Also, keep in mind that testing this ahead of time is rather difficult given the wide range of different BIOSes on different motherboards, etc. any unexpected bug could render an infected machine unbootable. So, hell of a lot of work for the malware/virus author with quite a lot of risk for failure.. especially when there's a lot of lower hanging fruit.
I don't doubt that it's happened to someone out there.
Also, I do believe this is one of the scenarios Intel TXT is for.