If you only get a single bit error, ECC will fix it, and increase a counter / raise a usually slow interrupt, if you get a lot of them, perf will be impacted, and the operator should notice.
If you get a double bit error, ECC will (generally) halt the os, and the operator will definitely notice. -- you won't get to try very much.
If you get a multi bit error, maybe you can do your nefarious task.
I'm skeptical that "ECC won't help," that's not a commonly held opinion. It might be true but it'd be interesting to read some actual analysis as to why.
The challenge for the attacker is to produce a 3 or more bit failure before a 2-bit failure occurs, which would trigger some alarms. I haven't seen any research on the feasibility of such an attack.
Additionally, there are stronger ECC schemes than SECDED, for example the one in IBM's ChipKill. It is hard to imagine a RowHammer attack that could remain undetected with such a scheme.
It is fair to say that ECC memory raises the bar for attackers.
> Nethammer is the first truly remote Rowhammer attack, without a single attacker-controlled
line of code on the targeted system. Systems that use uncached memory or flush instructions while handling network requests, e.g., for interaction with the network device, can be attacked using
Nethammer. Other systems can still be attacked if they are protected with quality-of-service techniques like Intel CAT. We demonstrate that the frequency of the cache misses is in all three cases high
enough to induce bit flips. 
Nethammer: > 1 024 000 packets per second over a 500 Mbit/s connection ......Hence, we conclude that in theory...
Both currently at best lead to server crash, and are highly impractical.