I had lent my phone to a friend which was less than a day long(a couple of hours at the max)

But when i got it back, i didnt realise for a month that it was backdoored and was sending my data to her untill, she said something personal and it was only on my phones local media(it happened multiple times and on different things and they all were correct)

Even my feed (instagram, pinterest) completely and suddenly changed to different stuff which was irrelavant to what i like/do It even suddenly prevented me from posting on some sites (which could be bypassed by a vpn)

Later she even hacked both my google accounts which had 2fa and i cant access it anymore because she removed my phone number from 2fa and changed my passwords(so is the case with my password manager so i had to start all over again with all accounts)(keylogger)

So i immediately factory reset and then reflashed my phone with stock firmware and then continued to use it for another month, but the symptoms still persist (only on the phone which i had lent her) even after creating a new google account and using that for all other accounts with no backup of any kind and used a local password manager with different randomized passwords (It looks like it has full access to my phone)

So i am led to believe that something was done to physically modify the phone(lenovo p2a42) like an evil maid attack(probably firmware/hardware backdoors)

Assuming that i am correct, I dont fully understand how it works, i tried researching it on my own but didnt find much about it, so i would like a scientific explaination about how it works and also how to detect, prevent and remove it

Before buying the phone, she had warned me to avoid phones with locked bootloader(oppo,vivo) and go for phones with an unlockable bootloader(1 ) (Is there any difference in evil maid attacks on phones with an unlockable bootloader vs a NOT unlockable bootloader) (Also assume if the attack is not possible on NOT unlockable bootloader phones)

TLDR; I want to understand how a firmware/hardware backdoor placed by an evil maid attack can still function as normal without any signs of compromise (locked bootloader) as well as survive a factory reset and a reflash of stock firmware on android

What can i do to detect,remove and prevent this kind backdoor? Any information relating to evil maid attacks on android would be helpful too(especially if it includes the bootloader) (Ps: I have done my research about this on google and such but couldnt find much useful stuff about this) Sorry if I sound too paranoid or my question is too long etc I am just concerned please correct me if I am wrong

TIA