
This isn't a misconfiguration issue, or that Linux bug that bricked certain SCSI devices. No, they are explicitly asking the counterfeit chip to rewrite its USB PID to 0, which renders it unusable.

That's intentional and clearly malicious.




Has this been proven by a corresponding packet dump listing "Write EEPROM, offset 0, 4 bytes: [0,0,0,0]"?

Or are they -sneakily- bricking the device by evoking an unintended reaction to a seemingly innocuous command?

The former will be easy to prove, the latter... probably not so much.


It's been proved by reverse engineering the FTDI drivers and annotating the code. It exploits some edge case in which the counterfeit device does not behave exactly like the original. https://marcan.st/transf/ftdi_evil.png


Check out FTDI's Twitter feed: https://twitter.com/FTDIChip/status/524928658180304896

They're being somewhat evasive, but it's clear that this is intended as a deliberate anti-counterfeiting strategy.


Wow, they could have planned this misadventure a bit more carefully. Having decided to do this stupid destructive thing, they should at least have resolved not to admit they did it on purpose. The general public would have much more sympathy if the story was "after lengthy investigation, we've determined that the bug only affects counterfeit products... we have sympathy for all victims of counterfeiting." Instead, they've gone for "in your face, you cheap bastards!" Honesty is not always the best policy, especially when you're evil.



