The EYE TRIPLE EE has an article about the recent (2005) Greek cellphone hack which left the entirety of the Greek government tapped via their cellphones. It’s light on details but still an interesting read.
If anyone’s wondering, the runtime code modification usually only happens in virtual machines or mainframe style systems with “machine partitions”. The fact that someone seems to have gotten outside of that and mapped it effectively is wildly good stuff. It’s very likely that on some level an employee of both the cellphone provider and the hardware vendor were in on it since it would require a fair bit of knowledge about what vodafone was seeing to hide effectively.