It is based on the idea of establishing a connection to the P2P networks of cryptocurrency enthusiasts, fetching information from transaction records and running it as a code.
So it is complete FUD - no normal Bitcoin client works like this at all.
You'd need some specially created Bitcoin client that uses something like OP_RETURN data as an executable (and I don't believe there even is such software in existence unless Kaspersky created it just to published this FUD article).
CIYAM, I agree that the way we're reading that line makes no sense, as no Bitcoin client will execute the code like this. However there is the chance that a malware or virus could use the Blockchain to store its data and code, it would be more resistant than storing it on some hacked server in Russia.
So the virus attack vector would be the same as always, a dodgy email, a USB drive found on the side of the road.
The difference being, that when the virus turns on, it'll always be able to find it's P2P network, latest instructions, latest patch for the virus, as it'll all be stored on the eternal, distributed, invincible database known as the Bitcoin blockchain.
Of course a couple of issues with this:
1) The cost to store this data would be stupidly high. Much better to used some hacked servers.
2) As I understand it, most Bitcoin clients do not store the 40 (or is it 80) bytes of arbitrary storage available per transaction.
(Meaning that if not enough nodes have the stored data that the virus needs, it'll be useless)
I think this issue might be worse with Ethereum, as the virus can be sure that all nodes are saving all the code on the blockchain.
Remember, we're not talking about getting infected from the blockchain, but once infected, the virus will use it's updates and data from the blockchain to update itself and be commanded.
I think that is the only real threat here, and I am not sure if it's even a practical one.