not in ohio
|reply to SweetNoob |
Re: Possible for malware to covertly hide on harddrive sector
Bits on a disk can't magically turn into running code. Some already-running code has to read those bits into memory and then execute the bits is has read it.
This means malware has to insinuate itself into somewhere that's going to get executed. The master boot record is one such place. The OS kernel file is another. Any frequently-executed program is yet another. However, the point is that simply being on the disk doesn't do a thing.
And whether it survives a "reformatting" depends on what that reformatting actually does. Certainly the malware bits will no longer be in any file in the OS's file system. If "reformatting" writes to any disk block then the malware bits aren't there either.
There might be some funky stuff possible with the host-protected-area (HAP), which logically doesn't exist as far as the OS is concerned. But the code still has to get executed somehow, so there would need to be a BIOS tie-in. Or at least the OS would need to be compromised by adding a loader program that would load the malware from the HPA.