Actually coins that are mined with ASICS and FPGAS are not vulnerable since these devices run GNU/Linux.
http://www.wired.com/2014/08/isp-bitcoin-theft/Enough devices were redirected to mine ~$83,000 worth of coins.
GNU/Linux is FLOSS and also has enough GPLv3 code deep inside the OS to ensure that the owner of the has to be provided with root access.
So much wrong.
There is no GPLv3-only code 'deep inside the OS', because Linux is licensed under GPLv2.
And there are millions of linux based devices out there for which the owner has not been provided with root access.