Bios – How can malware survive the hard disk drive format without being in the firmware?

For example, could it "outwit" most partitioning / disk utilities that it was successfully deleted but the malware still exists? A bit similar to what would happen if you try to "cleanse" an infected BIOS, where it informs you that you've flashed it, but in fact, nothing happened and it's still in jeopardy.