>> discovered a "never-before-seen technique" that used malicious vSphere Installation Bundles ("VIBs") to install multiple backdoors.
Seems obvious that is how you'd need to install a backdoor on ESXi.
One could run only with VMware signed VIBs and not allow anything else, but too bad the real world kicks in and generally any installation needs 3rd party VIBs to function in an enterprise environment.