Forum Thread: Salami Slicing Anyone?

Computer hacking is significantly different from other crimes in a number of key ways.

First, there is distance or remoteness between the perpetrator and the victim. Anyone connected to the Internet anywhere on this planet is vulnerable to anyone else on the Internet.

Second, there is the technical nature of the crime that is significantly more sophisticated than holding up a liquor store with a handgun.

Third, there is the automated nature of these crimes as they can be repeated over and over again with computer systems doing all the heavy- lifting.

Fourth, due to the repetitive nature of hacking crimes, hackers do not have to go after the single big strike like in the movies "Oceans Eleven" or "The Italian Job". The hacker, due to all of the aforementioned unique aspects of hacking, can simply slice a tiny fragment of value from millions or billions of accounts/people.

This practice of taking a tiny slice from many, many people by automated tools remotely, is often referred to as "salami slicing". Think about it for a moment. There are now more cellphones on this planet than there are people (is anyone screaming for zero cellphone growth?). If a hacker developed a program to slice just half a penny from each of those cellphone bills each month, the take would be incredible! Not only that, but who would notice an extra half cent to their cellphone bill. In many cases, it wouldn't even show as it would be considered a "rounding" error.

So, let's do the math. There are 7 billion cellphones on planet. If we multiply 7 billion times a half cent ($.005), the result would be $35 million dollars per month! On an annual basis, that would be $420 million! The beauty is that no one would feel victimized for a half penny a month.

Salami Slicing, anyone?

Our Best Hacking & Security Guides

New Null Byte posts — delivered straight to your inbox.

20 Responses

It sounds amazing!

How would one even do that though? Wouldn't someone have to hack the phone service providers database and re-route half a penny from each persons phone to their bank account?

If it were easy, it would have been done. Think creatively.

It has been done, albeit through banking accounts in America, but after a few years the gentleman responsible was caught, his name escapes me for now, but the point remains that it has been done, and will probably happen again, perhaps even by some of the people learning from you, OTW.

Wow, sounds great.

This would require a lot of thinking and creative juices. Its not that one must do the same thing as suggested in the post. But this could be applied to other business sectors. Think of the banking system, google adsense, Money Transfer Services like WU, Vigo & Moneygram, etc.

Companies in Developing Countries or poor countries don't have too much strong security. We can try Them ???

Yeah that's right but what will be the take? And we shouldn't be planning a crime here. The NSA is watching us...


"You are being watched."

nice thinking!

hi I have broadband connection in which I have login in a site then only I can use the internet.
in this link given below a person has hacked this connection can plz explain me how has this person done this..

I'm not sure what you asking. Can you be more explicit.

Are you asking me how this guy did this hack??

yes, i want to know what softwares has he used....
this is the link of the site
plzzzz help me asa there are a lot people using this broadband in india


Rather have me speculate on what he did, why not just ask him?


he is not disclosing the softwares

Master OTW:

Is it ok to install BackTrack on USB's with Rufus How does this compare with installing on a DVD or a VM?



I've never used Rufus, so I can't say for certain. When you try it, let us all know here?

As for using a USB v DVD v. VM, the USB is like using a separate physical machine. The DVD would be the same but slower unless you install it as dual boot system. The VM is best for educational and training purposes but will require an external wireless adapter and poses other challenges.


Thanks for the response.
So please clarify if my understanding is right:
When hacking real-time:

  1. Using a USB /live CD driven: Hardware changes are not made in host system
  2. Dual-boot - means a system trace can be done to the source of the attack?
  3. Also why use a VM (assuming enough space in local HD to make a dual boot partition) when it is slower and has too many technical challenges?

There just came out a tutorial on this from OTW.
choosing your hardware

I would suggest reading this and questioning on that post because this is unrelated to the original topic. I believe your questions are answered here though

As Eight points out below, I did a post on choosing your platform here. If you have questions after reading it, please post them on that post.


Share Your Thoughts

  • Hot
  • Active