Malware transmitting data doesn't need to take over the entire connection (at 1 baud for instance).
It can simply send out ethernet traffic (UDP packets in this case) amongst all the other full speed ethernet traffic on the wire. If they do it at a slow pace and with a certain pattern, the receiver can filter out all the other traffic to read what was being sent out.
Obviously this is still theoretical and difficult to do, but in theory it should work, as stated in the article.