Hackers Breach U.S. Radio Stations to Broadcast Fake EAS Tones & Obscenities
Hackers breached U.S. radio stations and broadcast fabricated alerts and streams of obscenities live on air, prompting the FCC to once again remind broadcasters of the fundamentals of cybersecurity. The intruders seized control of Barix equipment and replaced genuine programming with their own audio, including Emergency Alert System (EAS) tones, causing panic and bewilderment among listeners in Virginia and Texas. The incident unfolded against the backdrop of another blow to national infrastructure — the breach of the CodeRED alert platform — heightening concern among experts that vulnerable emergency-notification systems could serve as entry points for far more consequential attacks.
According to the FCC, the attackers reconfigured Barix network audio devices so they would ingest and relay a stream entirely controlled by the perpetrators. Fake emergency tones and openly vulgar segments were aired, and the stations themselves learned of the intrusion only after listener complaints. HTX Media in Houston, for example, received a looping audio feed combining EAS tones, racist slurs, and references to the YouTube channel of the presumed hacker. Social-media users wrote that the broadcast had “literally gone insane,” and some remarked on the brazenness of the intruder, who even left contact details.
Experts note that this was the second incident in a single day involving critical alerting systems. They emphasize that such breaches are often used as reconnaissance steps preceding attempts to penetrate deeper into infrastructure. In the wake of the CodeRED attack, which impacted thousands of municipal organizations, it has become increasingly clear how exposed emergency-communication channels remain. And although the Barix intrusion resulted merely in shocking on-air content, the potential consequences are vastly more serious — ranging from operational disruption to large-scale attacks leveraging social engineering.
Vendors of alerting systems and broadcasters are now being forced to strengthen their defenses. The FCC strongly recommends changing default passwords, updating firmware promptly, and monitoring any suspicious configuration changes. Critical systems must be segmented, isolated from external networks, and subjected to regular security audits — otherwise the threats will continue to escalate.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
