• Get involved.
    We want your input!
    Apply for Membership and join the conversations about everything related to broadcasting.

    After we receive your registration, a moderator will review it. After your registration is approved, you will be permitted to post.
    If you use a disposable or false email address, your registration will be rejected.

    After your membership is approved, please take a minute to tell us a little bit about yourself.
    https://www.radiodiscussions.com/forums/introduce-yourself.1088/

    Thanks in advance and have fun!
    RadioDiscussions Administrators

101.9 MHz near Seattle possibly hacked

F

fordranger797

While scanning around the dial this morning, I came across what might have been a repeating loop of a "highly inappropriate" slur airing on 101.9 MHz. As we all know, this wouldn't be the first time that this has happened, as 93.7 also fell victim to hacking last year.
 
It's even happened on 101.9 near Seattle before.

The last time this happened, we here on Vashon had to scramble around to make sure it wasn't *our* signal (LPFM Voice of Vashon).
It wasn't, but we still got questions.
 
Wonder if its the same scenario: LPFM-Pin Heads neglected to change the default password on their Barix box?
 
Is that the F-Trump stuff that was on KQES-LP a couple years ago? Also was on 93.7 KLSY around the same time.
 
Barix boxes come with NO default password, so if you plug one into a WAN port and it gets "found", it's all there in the open.

The KLSY experience was sort of half of the above problem. I had a fairly good password on the box, but it was on a static IP. It got "found" and somehow, hacked. The stream they plugged into it traced to China. KLSY wasn't my only station that got hit that day. One of my AMs got nailed the same way. I'm not sure exactly how these boxes were discovered, but another local engineer found a few other pieces of my equipment on a large list... somewhat similar to the ones you get scanner frequencies off of. Could have been a large, national cyber-terror department as easily as a bored teen, I suppose.

I handed the password problem to Barix, but never did get an answer as to how the box got busted into. A few of their other customers reported the same problem that day.

In the end, I stopped putting the gear that requires remote access on dedicated IPs. Don't know that it's foolproof, but a little less obvious, I hope.

Incidentally... this is not necessarily a Barix issue. Any box that can be remotely accessed and pull an MP3 stream could be vulnerable. Also, you can put IP addresses into the playlists of a number of automation systems now, so.....
 
Grounded Grid said:
Barix boxes come with NO default password, so if you plug one into a WAN port and it gets "found", it's all there in the open.


I handed the password problem to Barix, but never did get an answer as to how the box got busted into. A few of their other customers reported the same problem that day.

In the end, I stopped putting the gear that requires remote access on dedicated IPs. Don't know that it's foolproof, but a little less obvious, I hope.

Incidentally... this is not necessarily a Barix issue. Any box that can be remotely accessed and pull an MP3 stream could be vulnerable. Also, you can put IP addresses into the playlists of a number of automation systems now, so.....
Click to expand...

Interesting. As I remember, there were at least three users of Barix codecs that got hit with the F-Trump hack. Also, I recently installed a brand new Barix Exstreamer 1000 that came out of the box with a user name of "Barix" and password "admin". Needless to say, the user name and password was changed with a crossover cable before even putting it on a network.
 
This time it appeared to be a continuous loop from a text-to-speech app repeating a racial slur. I completely forgot that KQES fell victim to this type of hacking before. It's probably bound to happen again given their history.
 
Kelly A said:
Interesting. As I remember, there were at least three users of Barix codecs that got hit with the F-Trump hack. Also, I recently installed a brand new Barix Exstreamer 1000 that came out of the box with a user name of "Barix" and password "admin". Needless to say, the user name and password was changed with a crossover cable before even putting it on a network.
Click to expand...

Also interesting. Up to this point, security was off by default on all of their models. Also, they didn't need a user name. plug "chocolatechipcookies" in there and it would work as well as "admin" or nothing at all.
 
In other LPFM news: There is an unidentified station broadcasting on 95.3 just south of Seattle that is currently broadcasting a playlist of uncut CHR music. I believe there was some mention of a suspected pirate on this board before.
 
fordranger797 said:
In other LPFM news: There is an unidentified station broadcasting on 95.3 just south of Seattle that is currently broadcasting a playlist of uncut CHR music. I believe there was some mention of a suspected pirate on this board before.
Click to expand...

Sure it isn’t KDXB-LP? They have a pretty decent signal for a LPFM being on the KUOW/KEXP tower on Cap Hill. They were running dead air for awhile. One of the folks involved posted on here and said music would be running shortly once a studio link was established.

They may be trying to replicate the “Hot Jamz” format that left most of Seattle when 94.5 got sold off. Makes sense to me...
 
fordranger797 said:
It probably would be KDXB, come to think of it! They should probably look into censoring their playlist if they want to stay on the air.
Click to expand...

Or at least saving the hottest stuff for the Safe Harbor hours....
 
Status
This thread has been closed due to inactivity. You can create a new thread to discuss this topic.


Back
Top Bottom