So the standard protocol to remove this nasty malware is to re-flash with know good fully audited ROM, and Toss the also infected SIM card.
Please don't mention those common compromised turnkey security ROMs claiming to be safe, which you are in fact self-pwning your hardware, by the same parties who have mischievous developers contributing to those, conveniently available ROMs.
Standard flashing only overwrites the [System partition] and [Boot partition], which is NOT effective by itself!
What exact steps running under Linux allows complete overwriting of the?:
 Vendor partition.
 Radio Partition
 "Misc" partition.
 Persist partition
 ODM partition.
Above done Before you install the clean custom built ROM.
Yes, i know there are 2 separate processors and OSes running underneath the main one you visually interface with, each having both 100-percent access to modify it real-time, after time spent doing clean-up. But i can address this part on the IC circuit level.
Moderators, please observe and remove any "suspected" rants DEFLECTING from the task we are trying to safely accomplish here.