First, when I was in grade 10, I happened to have a crush on a girl. I was new to social media at the time so she introduced me to it, mainly Instagram. She asked me to open an Instagram account and download a follower app from the Play Store on my device to track unfollowers, which I thought was useful then.
Second, during late 2018, I got a text which was a weird link from my crush on Instagram and she asked me to click on it, download and install the APK, but before doing this she asked me to unlock and open developer options and enable OEM unlocking (maybe some more things? Any theory about what I may have done to cause this to happen?)
There was no sign of the app after installing it
The app was a known malware (trojan/rootkit ig) and I had to press install anyway because she was insisting that I do (the name of the malware had around 3 words, some of them including the word love and girl, I think)
She then told me to delete the APK and then told me not to mess with my phone (like root it and flash) and forget that it happened
Later she got to know and told me to never use Greenify, VPNs and swipe typing again
I also told her that I kept some secrets in my phone that I wasn't ready to share, she asked me whether I had stored my secrets in a said space and I said yes and she then stole my phone
She also did a SIM swap with my consent, I even sent my digital identification card to her (and even my fingerprints I think) (I didn't know at the time that it could get this bad and was naive so please ignore this part)
As the year went on I realised that whatever I talked about (my interests) with my friends (some personal) became the talk around the students of the same grade, which was strange but ok (maybe my friends were mad)
A year later I realised the follower app was also a spy app because of the unknown logins I saw (crush used it to spy on me and asked why when I removed it) (imo this is redundant to the real malware and prolly used before getting full access if I'm not wrong) and I uninstalled it
A year later I realised the situation was getting worse as I lost contact with my friends and my interests were still being talked about and shared (updated version), so I decided that it may be the APK from before that was doing it, did some surfing and decided to factory reset the phone to close it
Then the SIM started getting disabled so I complained about the SIM swap, they said ok but idk for sure (ik that I could use SIM lock but it's cumbersome)
But no, the malware still persisted as my personal media still got circulated and my search history became my enemy (keylogger) (I was slowly realising what I had done). I got to know she knew I was catching on
So after that I kept changing passwords, she then logged me out of my password manager (which had all my accounts) and later she even called me to ask if I had a new phone when I stopped using it for some time
I have a Redmi 4X (santoni)
My phone is not rooted and I haven't flashed it
Then the only option that was left was to flash it. I took the phone to a repair shop and he flashed it with a stock image without unlocking the bootloader using Mi Flash Tool, and now I thought it was finally gone but it wasn't. The symptoms persisted and my Google account (no backup, and new accounts for everything, which were made from scratch only on the phone and told to no one, after reflashing and a factory reset) was still getting logins from a Linux laptop (Chrome) which is her (and then it went off, prolly due to the malware's features)
I tried to detect it first by using all AVs but no luck. I tried phone hardening, UAD, tried using Mobile Verification Toolkit (it's complex), tried factory reset (from recovery also and the settings) and flashed it without unlocking the bootloader
Also is it really necessary to unlock the bootloader?
Some say that it's necessary to unlock the bootloader while others don't
And also it can prevent me from posting on some sites (I used a different device and it checked out)
(I know I could buy a new phone but I want a solution)
Please help me out here as I'm looking for ways to detect and remove it, how it functions, what it is and where I can find more information on this
Also any theories about what could have happened in case I missed it are welcome
Any suggestions which I can use which I may have missed?