It’s always been a thing that the only way to completely be safe after malware is yeeting the old system and getting a new one…

And even then there have been actively exploited issues where the system gets re-infected when reloading the data from a backup. (My memory is a bit rusty on that one, but it was just data being restored, nothing that should install anything)