I hope this is the correct stackexchange website to ask this, if it's not I'm sorry.
Some time ago I started giving private lectures to a girl and she told me, a computer engineering student, that someone she knows is hunting her and managed to gain access to both her mobile phone (some iPhone I think, she generically said 'apple') and personal computer (also Apple), downloaded her personal photos, peered into her google account, changed her passwords many other thing, and she's been struggling for almost one year now to try getting rid of it.
While I'd love to work into information security one day, I don't have enough knowledge about the Apple world to help her on my own and I thought when she'll be back (she's away on business right now) that a good way to protect her would have been to
- Doing a clean install of her mobile phone's OS
- Doing a clean install of her PC
- Setting a 2FA or MFA on her google account so that to access anyone needs to be physically in possess of her mobile phone
- Blocking all the incoming SMS (I know you can be infected via external links from SMS messages, she thinks she shouldn't be forced to do this and she wants to behave like she did before this all happened, and I feel her, but this way she'll never be completely safe).
Is there something else I can do to remove everything and keep her safe? I know some malwares and spywares literally infiltrate into the bootloader or the BIOS and if this is the case (can't tell if it is) just clean installing won't be enough, nor a factory reset... We're willing to pay specialized technicians to do the job, no matter the price, just in case do you know any reliable company that can do the job?
Thanks!