[ksenzee]

Wouldn't you know if you'd received a sketchy MMS from a number you didn't recognize?

[kenbellows]

The most standout part of this attack (to me) is that it can be 100% silent. The fact that the bug hits before the text notification is fired means that an exploit could potentially stop the notification, delete the message, and go on tramping throughout your phone doing whatever it wants leaving absolutely no indication to you the user that you've been hacked.

[oceanstone]

Not if the attacker deletes the message post-pwnage.

[Florin_Andrei]

But wouldn't there be a trail of notifications, or something?

[13]

If malware has root access it can alter everything on the phone without you ever seeing it. Any information falsified, all detection tools subverted.

[fragsworth]

Possibly, if Google is logging everything on their servers. It should be relatively easy for them to find out who got infected.

[lvs]

Proper pwnage would erase the MMS as soon as the exploit was complete. The only record of receipt would be on you itemized carrier bill.

[jboy55]

Except if the MMS went to an iPhone or other device not affected. Unless you can determine Android/iPhone from just a #, apple/blackberry/MS phones would be full of corrupted MMS messages.

[13]

Why would it be corrupted? Just because it contains a malicious payload doesn't mean it has to be unviewable normally. Could even just tack onto all outgoing MMS by default and never raise anybodies suspicions.

[mjard]

Even worse, if it's a worm, it's likely it would come from somebody you know.