Hackers Hijack Radio Stations To Play YG's Anti-Trump Anthem 'FDT'

Radio station Sunny 107.9 WFBS-FM in Salem, South Carolina, had an odd playlist on Monday night: it repeatedly looped YG and Nipsey Hussle's anti-Trump hit "FDT (Fuck Donald Trump)." It was an unexpected change for the classic hits and beach music station, whose website features clip art of a sun in sunglasses giving the thumbs-up. The new format wasn't intentional; they had been hacked.

Related: How vulnerable is Donald Trump's Twitter account to hacking?

"Our internet has been HACKED at our transmitter site, and the station has played anti-Trump songs," station president Frank Patterson wrote in a statement posted on Facebook. "We at WFBS do not take political views!"

On Trump's Inauguration Day, at least four stations were hit with similar hacks: 103.5 in Evansville, Indiana; 96.7 in Murfreesboro, Tennessee; 101.9 in Seattle; and 100.9 in Louisville, Kentucky. The latter played the song for 15 minutes straight before the station manager could shut it down. "OK, not funny," they wrote in a since-deleted Facebook post. The stations are now filing complaints to the Federal Communications Commission.

The targets were low-powered community FM stations, almost all of which use a Barix Instreamer/Exstreamer transmitter device (approximately $200), according to Heat Street. Hacking them isn't difficult if their owners don't follow standard security protocols. One just has to poke around on Shodan, a search engine for internet-connected devices. Users can then remotely access said devices, often using a default manufacturer password (or just guessing bad ones, like "password1234"). Then they can broadcast whatever they want. Owning such a device and not assigning a secure password or using a firewall is kind of like parking a bulldozer in the middle of Times Square with the keys in the ignition; some bored teen is going to take it for a joyride.

So similar hacks happen pretty frequently. In early August last year, hackers used the technique to take over top 40 station 106.3 KIFT in Breckenridge, Colorado, to broadcast an explicit, 90-minute "furry sex" podcast. It's also regularly used to take over IP cams, allowing people to access and snoop live footage from private webcams. IP cam trolling—in which users log in to a camera, then blast noises and music into people's homes to watch their reactions—is an expansive (and creepy) YouTube genre.

The political messaging of the hacks seems new, however. Blame the new Trump era for infecting even the most seemingly apolitical arenas with political protest. Usually, such hacks just result in absurdist pranks, like those mentioned above, or an emergency alert message in 2013 warning about zombies "rising from the grave and attacking the living," or the infamous Max Headroom broadcast signal intrusion in the '80s. Now they have a message.

As protests continue to spread across the United States, and certain Trump administration accounts (@potus account was briefly registered under a private gmail account, and his press secretary apparently tweeted out his own password twice) appear to have lax security, this kind of political-prank hacking might become more common. Just something to keep in mind if @realdonaldtrump suddenly starts tweeting links to furry porn.