>>manjan+Xq
All phones have a 'baseband' firmware which controls the actual radio hardware - it's a binary blob installed by the manufacturer and generally not available to the user to tinker with, although as expected there have been many projects to reverse-engineer them. The firmware exists 'beneath' the OS and all user settings, so in theory, if it's compromised (and there have been PoCs), anything that happens in the baseband would survive a wipe and reinstall of the OS. Basically it means putting malware in a place that the user cannot delete it from.
Malware in the baseband firmware could theoretically intercept or disrupt radio traffic, or migrate from the firmware to the phone via other exploits in the OS to gain even more control. In essence, it's a particularly nasty thing that surveillance states would definitely use to their advantage.
This is why 'burner' devices should be exactly that - destroyed after use, because you simply cannot trust them after they've been anywhere near an invasive surveillance setting.