Can you be more specific about the method of 'attack'?

It seems to me that this is just a case of sending traffic to connected handsets in order to increase customer bills. If a trusted partner does this then the telco simply terminates their relationship with them. No respectable service provider would engage in such an activity as they risk ruining their reputation and business.

Most mobile operators employ network address translation on connections from the handset to the Internet. This prevents externally originated attacks.