New
#11
I specialise in quantity over quality
Other than the hardware device that Jacee brought up, there are at least three other theoretical vectors for malware (doesn't really matter whether it's a keylogger or a rootkit or whatever) to survive a full zero-filling of the HDD:
1) The disk and/or utility you used to nuke the HDD is itself infected. Sure, it told you that the drive was completely wiped and filled with zeroes or random patterns, but it actually hid a sector-worth of code which is going to be the basis for future pwnage once you reinstall an OS.
2) The BIOS is infected. After all, it too is code.
3) The machine supports hardware-level virtualisation and there's a hypervisor virus of the "blue pill" variety. It's completely underneath all attempts to format a (virtualised) parent or child partition.
Needless to say, all three are highly unlikely in a home usage scenario.
Quote