[teagoat]

It's not the end of the world though. You're browsing on your android phone and suddenly it dials an unexpected number and you can see that it starts 900XXXXXXX or 976XXXXXXX. Most people are going to hang up pretty quickly. Sure, you might be out of pocket for up to $10 (I don't actually know how much mobile carrier charge for the connection charge), but it's not the same as losing all your data.

A more common attack vector to make money on compromised accounts would be setting up a call forward to an international number and then dialing the subscribers phone number. Illegal low cost calling cards often steal service by doing this. If there was a way to also retrieve the user's phone number, I can imagine a system where you dial the calling card company, input your code and the number you want to dial.... It tells you that it's trying to connect you and that it may take a couple of minutes... It snares the next person caught out on the website, sets their call forward to the number you want to dial, then dials that subscriber for you and connects. So then it's charging the wireless subscriber for your international call, and even if they then disable the call forward on their account, until you hang up, it's still charging them for the call forward.