I thought that this bugcheck is caused by pointer/memory management bugs in some device driver code, but there is a popular opinion that malware activity can also trigger it, for example some virus causing the network driver to appear guilty in the blue screen.
How can malware cause this bugcheck, given that it can only make system calls and cannot interfere with the drivers making page faults while at a higher IRQL?
If the malware knows about a call that can make a driver behave badly, then that could cause it. For example, say you knew that calling a specific set of network APIs would make the driver fall over; then you could cause a BSOD from user code at will. Hopefully these types of exploits get found and patched.