IIRC from my time playing with Norton Utilities back when it was a real hacker tool, you only need to format the disk as usual then hand-modify the disk size in the MSDOS (2nd, logical drive's) boot sector. The FAT will contain all the entries needed for keeping parts of the file in correct order, and Windows will happily report the drive size from that field. Assuming the flash drive's firmware/circuit doesn't report errors but rather uses the low bits to address the sectors (laziest way to build a flash controller), explains how "only the last part of the file" gets preserved (i.e. not overwritten).
For the FAT to stay non-corrupt I would assume that Windows writes a full copy from its cache right after writing the file, that would not be an unreasonable assumption.
All in all: extremely easy to reproduce, no special controller needed. Probably just a guy that realized how Windows behaves after changing a couple bytes on the disk, and another that said "hey, we can make money off that!"
The FAT is many sectors long, I'm not sure why Windows would re-write the entire thing.
Now, OTOH, you could just mark the areas the FAT uses, and all their aliases as in-use in the bitmap, that'd prevent them from being overwritten (but chkdisk would notice). You could additionally put a file on all those sectors, then chkdisk would pass, but you'd show a fairly large amount used (for your large file).
For the FAT to stay non-corrupt I would assume that Windows writes a full copy from its cache right after writing the file, that would not be an unreasonable assumption.
All in all: extremely easy to reproduce, no special controller needed. Probably just a guy that realized how Windows behaves after changing a couple bytes on the disk, and another that said "hey, we can make money off that!"