This is a personal report, and a short briefing on what to do as a preparatory deal if you were to receive a group text "scam".

-------------------------

Currently, ICE is deploying an (at least) Android-based RAT (remote access trojan) through group texts. These texts appear as scams, related to bitcoin, investments, or look like ads from businesses you have recently attended.

In my case, my phone number used to belong to someone from South America. I only know this because their family would call me looking for her, and I'm not that person. So, it'd be on some employment app that they pulled, ingested, and ran through a bot farm.

What happened to me was this: late in the day, at about 9 PM, I was working on moving my networking equipment in my house. I received a group text offering some scam thing for banks, and I replied "If you actually want to make money go do this thing and stop spamming my phone", deleted the chat, and pretty much didn't think about it.

I got really motivated to keep going, as I have a back injury and it finally stopped hurting, so I kept working as much as I could before I became completely exhausted.

At about 5 AM, right as I was about to go to sleep, I received a r e s p o n s e.

This response was from a 1(844)XXX-XXXX number.

Now, I am starting to have my injury and arthritis fire off, I am putting diclofenac gel everywhere, I'm not really thinking about it because I am clearing up my space so I can plop and sleep.

I accidentally click the text, not thinking about any risk. USUALLY that sort of thing is a photo you have to view, or a link you have to click.

I'm thinking, whatever, I'll block the number, which I can only do if I open a text, and then back out and delete the text.

My phone shuts off. Dead.
And not like the battery died, because it was at 15% and I had stared at the % for a moment before clicking the text.

No, this was just, bang, off, like the battery controller had been suspended outside of the OS.

T-Mobile has agreed to replace the device after much deliberation.

-------------------------

In case you AREN'T aware, Android phones keep a percentage of the battery nowadays for a steady shut off. The processor runs in State 0 so it can pull updates OTA, or if you have an alarm, the phone will "wake itself back up" and ring the alarm at your lock screen. Equally, if you have an emergency contact call or text you, the phone will "wake up" and tell you.

What the device should do is, at a percentage programmed at the factory (5, 8, 10, or 12, depending on the battery size / manufacturer), the boot screen will come up, and S0 sleep the device. If you hit the power button, it will actually, usually, try to wake up, tell you it needs to charge, and then shut back off. At least my phone does that.

The device should still be able to get to the bootloader, or recovery menu. ADB should also be able to wake the device, should you have those options enabled. This is not in EVERY ROM, but some support this. Other devices act like they need to be plugged in, and display the charge symbol. My OnePlus 9 only does that at Critical Battery.

At critical percent (2 to 5), the phone will not attempt to boot at all. You cannot get to the bootloader, nor the recovery. ADB also does not connect, despite whatever settings you had set up in the OS. Most devices will only display the charge symbol, others won't do anything, and a very VERY small percentage wake the backlight up, but display nothing.

--------------------------

In this case, the display went off. Like, firmware suspended off.

Like the backlight went off, the display sections faded together, and the pixels faded out like if you turned off a Game Boy Color.

This phone is babied.
Despite the crack on the back, which was from me setting it down on coins on my desk, there's been no real shock damage to the device. Half the time I leave it somewhere and don't even take it with me. So, after some searching, I can only determine this to be strange behavior.

After some asking around, people calling me a troll, and getting kicked about a couple forums, IRC channels, digging up some documentation, and some cybersecurity news, I learn of Graphite.

From what I understand from other reports, this includes RCS.

Essentially, what Graphite does is infect a Host, whether that be WhatsApp, Telegram, possibly Signal, who knows, and roll off a bunch of messages to whatever targets the intruder wants access to.

These messages include what is called a "Zero-Click" injection, and will embed a rootkit onto users' devices.

The actions of the software, upon deployment, match the description of what I witnessed. Firmware shutdown, no weird apps.

Whether or not the software embeds to the SIM is unanswered, however I assume how it works is this, at least for how it was deployed to my number:

1. "Call" is given out to list of numbers. This "Call" can be whatever you want it to be, as it is sent as a group text.
2. Users "Respond" via a message, or RCS indicates a user has left the group chat.
3. A message, with injection, is then sent to the user's device.
4. The Rootkit then installs to whatever exploitable circuit is available.
If you know about the PSP Pandora Hack, how it used the battery BCM and cell to store data, this is likely one route used.

As a SIM can be replaced, data installed could get in the way of the SIM being used.

Instead, the rootkit is installed to the phone's chipset, allowing access to the device, and surveillance of the SIM card.

Again, there's no app, there's no indicators at all.

In fact we don't even know yet if it's a 2 part injection, where an activation packet is sent in the group chat, and then the malware is sent afterwards.

---------------------

MY ADVICE

If you get any sus group chat, dump all your data immediately, wipe the phone, rewrite the ROM if you can.

IF YOUR PHONE GETS HACKED GET A NEW ONE DO NOT FUTZ AROUND