Coderman's on to something here...
if you knew what you were doing it would be straightforward to insert a promiscuous device on the LAN or add a process on the unix host used by the softswitch that listened for incoming calls from a given set of MIN's and one way conference these calls to a third party*. if you had access to a current version of the softswitch software itself for modification it would be even easier (most companies license sources and tailor or customize the software to run these switches so it's not quite as simple as a generic drop in replacement).
it took "a professional" to do this, sure, but the number of people skilled enough to pull this off is not a small number.
I actually strongly suspect Vodaphone cooperation in this. "Seeding" a remote software upgrade to a switch like this is extremely difficult if you're coming in from another vendor's gear. Right now I believe they would've had to gain physical access and install the software in person, otherwise they'd have to go through the local Greek NOC. I suppose it's POSSIBLE they modified the Vodaphone software and remotely seeded it without anyone being the wiser, but what? No one noticed a bunch of DS0s were all of a sudden provisioned with unknown traffic? But no doubt they had copies of the gear, no doubt they had access to the firmware code, no doubt they had telco gear coders (something that's practically nonexistent in Greece right now)... If you ask me, Vodaphone's playing dumb in light of EFF suing AT&T. They realized there's no way they code hide that if someone was inspired to start looking more closely. -TD