Oddbean

A phone is as any computer. If any service on your phone is vulnerable your phone is. You don't need to install an App to get hacked. Vulnerabilities SMS/MMS, the GMS stack and other services are/have been used to infect phone without ppl. noticing. If need to talk *any thing* sensitive, don't bring your phone. Some work places even have shielded "boxes" where you put your phone before going in to any meeting. I have had stuff installed on phone's by "others" without any action hoping I would not "notice". No, you can not trust your phone is secure.

Don't follow this stuff much anymore. Historically speaking, there's also been a bunch of vulnerabilities in various TCP/IP stacks. By sending a valid or malformed packet that the stack does not handle correctly you have been able infect the machine. Any one remember the Windows 95/98/ME MSG_OOB bug, or NT teardrop? Remembering them, some years ago, while implementing Ethernet drivers, I replicated and patched the exact same MSG_OOB vulnerability on a LwIP stack. i.e. completely unrelated/different OS many years later and IP stack same issue. You could literally kill the whole stack and "make stuff happen" with a PING. All one had to do was to tag the IMCP packet MSG_OOB, and put data inside the ping. So yes, maybe your phone has been hacked with a ping.