In this malware, they go to great lengths to wipe and encrypt all kinds of different types of data... (The mbr, the boot.ini, the event log, the scheduled tasks, the attackers batch file, the user's documents). When the simple approach would just be to send a low level command to the disk to write zeros across the whole thing.

Why not take that simple approach?