More details on the Greek wiretapping issue are emerging. Bruce Schneier wrote in his blog, that it turns out that the „malicious code“ was actually code designed into the system and that the attackers managed to bypass the authorization mechanisms of the eavesdropping system, and activate the „lawful interception“ module in the mobile network. They then redirected about 100 numbers to 14 shadow numbers they controlled. :-S There is a rumour outside, that there was a backdoored telnetd on the solaris boxes used for the IMS (Ericssons Interception Management System). 😯