Bulgaria’s top broadcasters hacked to air illegal Vladimir Putin ‘gay clown’ meme

A man showing a picture of Vladimir Putin during a protest supporting LGBT+ people in Chechnya

Some of Bulgaria’s top television broadcasters were hacked to show an infamous caricature of Russian president Vladimir Putin against a rainbow background.

Against the backdrop of the turbulent Russia-Ukraine war, a cyberattack struck the Balkan nation’s major broadcasters Sunday evening (6 March).

The channel’s online coverage was replaced with a parody picture of Putin known online as “Gay Clown Putin“, which depicts the strongarm leader wearing lipstick and mascara against the LGBT+ Pride flag.

The photoshopped headshot was first posted on Tumblr in 2013 in protest against Russia’s so-called “gay propaganda” law, which prohibits the mere “promotion” of LGBT+ identities to minors in the nation.

From placards to social media profile pictures, the digitally altered meme quickly became a common sight for those rallying against Russa’s anti-LGBT+ laws.

The Ministry of Justice in Russia even blacklisted the image as “extremist” in 2017, saying that the picture suggests the “alleged nonstandard sexual orientation of the president of the Russian Federation”.

And now “Gay Clown Putin” has reached the Bulgarian airwaves. Bearing the words “Make Love, Not War,” the satire was blasted across various national TV stations’ websites, including NOVA TV, Bloomberg TV Bulgaria, Bulgaria On Air and Bulgarian National Television.

Protester wearing a t-shirt lampooning Vladimir Putin as a character wearing make up on an LGBT+ rainbow flag outside the Russian embassy in London, England. (Mike Kemp/In Pictures via Getty Images)

According to Novinite.com, Bulgaria’s largest English-language news agency, and Bulgaria On Air, the online streams of the channels were breached to display Putin’s static picture, prompting some to pull the plug on their broadcasts altogether.

Both NOVA TV and the Bulgarian National Television’s live streams were yanked until Monday morning, while both Bloomberg and Bulgaria On Air continued to air the image on their websites.

Website hosting provider Evolink was busted through at 8.32pm, NOVA TV reported in an article apologising to viewers. Evolink workers quickly caught onto the incursion and stopped it in less than 20 minutes.

The hackers, whose identities have not yet been verified, managed to leapfrog over Evolink’s security by exploiting a shortcoming in the server’s domain name system, redirecting each TV channel’s live stream to the spoof picture of Putin.

As some servers rely on a backlogged version of a website, this meant that some viewers still saw the hacked broadcast even though Evolink had resolved the issue.

Evolink has since launched an investigation into the cyberattack. “As a client of Evolink, Nova Broadcasting Group announces that the video streaming of the company’s TV channels was promptly resumed on play.nova.bg late on Sunday evening and on Monday morning on nova.bg,” NOVA TV wrote. 

“Nova Broadcasting Group assures that there was no malicious intent against the websites and digital platforms affected by it.”

The cyberattack comes amid a broader push by Ukraine’s minister of digital transformation, Mykhailo Fedorov, to knock Russian websites offline by recruiting amateur hackers and sleuths.

Fedorov launched a Telegram channel, which at the time of writing has more than 35,000 subscribers, for the IT Army of Ukraine that includes a tutorial for people to download software to mask their whereabouts and identity and a list of targets to hack.

Hackers, meanwhile, have slapped anti-war messages on the home pages of Russian media outlets, hacked into Russian state TV to air war footage from Ukraine and leaked files swiped from Russian government agencies.