A security researcher by the name of Ralf-Phillip Weinmann says he has discovered a baseband hack that allows for malicious code to be sent to mobile devices. According to the report, it takes advantage of bugs found within the firmware of cellphone chipsets sold my manufacturers such as Qualcomm and Infineon Technologies.
It's said that the hack is accomplished by setting up a fake cell tower to intercept target devices. The report also mentions that this was near impossible in the past, because components ran into the tens of thousands. However things are much cheaper now and can be done for roughly $2 grand.
Still, there is little reason to worry. $2,000 is still a lot of money, and the code that Mr. Weinmann wrote requires the hacker to have a great deal of knowledge of the chipset firmware. The report concludes by saying that it would be much easier to just trick the user into installing a malicious App than it would to go through all the trouble to get a baseband hack working.