DEVCORE CEO and Chairman of the Taiwan Hacker Association, Allen (翁浩正), recently accepted an interview with the YouTube channel “志祺七七,” revealing the operational methods of the hacking world through discussions on occupational truths, cybersecurity threats, and practical protection advice.
What are the truths behind the hacking myths in movies?
Allen breaks down common hacking myths one by one: hackers type fast and use multiple windows, which is true, as operations become smooth after mastering the technique; it is possible for cafes to fake wireless base stations to trick others, but with rapid equipment updates, the difficulty has increased compared to the past; electric vehicles can be remotely controlled to make sudden stops on highways, and there are actual cases of this; baby monitors being hacked to spy is also a real occurrence—many people do not change default passwords after purchase, allowing bad actors to scan and invade.
He believes the most realistic depiction in a series is “Mr. Robot,” where the operating systems and commands are authentic, designed by cybersecurity consultants.
“I can retrieve all of your passwords right now.”
Allen candidly states that most people’s passwords are already leaked online in multiple versions available for download. He even mentions that sometimes when he forgets a password for an account, he can check those leaked databases and often find it. The root cause is that most people use the same password across different sites; once a database from one site is breached, other accounts are exposed as well.
How do black hat hackers make money? A complete black industry chain.
The dark web has formed a complete black industry: selling personal data databases, ransomware encrypting corporate data for ransom, selling identification cards and passports, selling attack programs, and even selling “wealthy family lists” to kidnapping groups. Allen says, “As long as it can be monetized, they will find a way to do it.”
If your computer is used to attack the Presidential Office, you will also be investigated.
Many people think, “I’m not a target; hackers won’t be interested in me,” but Allen points out that this is a misconception. If his computer is controlled by hackers and used to attack the Presidential Office or other targets, when the police trace the IP, the one at the door will be you. Smart toilets, baby monitors, and laptop cameras can all become launchpads, and even all activities in your bedroom could be recorded.
Is Taiwan really attacked by China every day?
Allen quotes a famous saying from a former FBI director: “There are only two types of big American companies, one that has already been hacked by China and another that has been hacked but doesn’t know it yet.” He states that this is not just a problem with China; countries with advanced internet capabilities around the world have cyber armies, and some countries are indeed more aggressive in intelligence gathering and attacks against others. Taiwan, due to important companies like TSMC and its unique political status, naturally becomes a target for various parties.
Red team drills: Success rate once reached 100%.
DEVCORE is Taiwan’s first attack-oriented cybersecurity company, specializing in simulating real hacking scenarios (red team drills) for governments and enterprises, with clients including the Presidential Office, TSMC, and ASE. Allen reveals that they sometimes break in right away, while at other times it takes over ten to twenty days, but the success rate of their intrusions had long maintained at 100%—when this record was broken later, he was actually quite happy because it represented improvements in the cybersecurity defenses of Taiwanese enterprises.
The team once discovered an employee posting a passport photo on Facebook; Allen enlarged the passport image, found the identity number, and inferred the backend account password, successfully completing the infiltration mission.
Three things you can do today after watching the video:
Password security: Use different passwords for each website, enable multi-factor authentication (MFA), and utilize password management tools.
Regular backups: Regularly back up data and store it offline; even if ransomware encrypts your data, you can restore it without paying a ransom.
Identify fake information: The more urgent and enticing a message is, the more you should slow down and verify. “A sense of urgency” is the most commonly used tactic in social engineering attacks.
Complete interview: Taiwan’s top hacker speaks out! ft. DEVCORE’s Allen in “Strong People, My Friends” EP 185 | 志祺七七
This article “Taiwan’s Top White Hat Hacker Speaks Out: Why Your Passwords, Toilets, and Computers Are Not Safe” originally appeared on Chain News ABMedia.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
