Schneier on Security: More on Greek Wiretapping:

"Unknowns tapped the mobile phones of about 100 Greek politicians and offices, including the U.S. embassy in Athens and the Greek prime minister.

...

More details are emerging. It turns out that the 'malicious code' was actually code designed into the system. It's eavesdropping code put into the system for the police.

The attackers managed to bypass the authorization mechanisms of the eavesdropping system, and activate the 'lawful interception' module in the mobile network. They then redirected about 100 numbers to 14 shadow numbers they controlled. (Here are translations of some of the press conferences with technical details. And here are details of the system used.)"

(Via Schneier on Security.)