#FactCheck - Edited Video of ‘India-India’ Chants at Republican National Convention

Executive Summary

‍
Following the tragic cruise accident at Bargi Dam in Jabalpur, a heartbreaking image of a woman lying unconscious in a river with a child resting on top of her has gone viral on social media. Users are claiming that the picture shows victims of the recent Bargi Dam accident. Research by CyberPeace Research Wing found that the viral claim is false. The circulating image was created using AI (Artificial Intelligence) and is now being misleadingly linked to the real tragedy. However, reports indicate that a similar real-life image of a mother and child did emerge after the accident.

‍

Claim

‍

An X user shared the viral image on May 1, 2026, claiming that despite wearing a life jacket, the mother lost her life while trying to save her child. The emotional post praised mothers’ sacrifice and linked the image directly to the Bargi Dam cruise mishap An X user shared the viral image on May 1, 2026, claiming that despite wearing a life jacket, the mother lost her life while trying to save her child. The emotional post praised mothers’ sacrifice and linked the image directly to the Bargi Dam cruise mishap

‍

• https://x.com/HindutvaNerve/status/2050178036214210626?s=20 
• https://perma.cc/BS95-KD4E 

‍

‍

Fact Check

‍

To verify the claim, we searched relevant keywords on Google but found no credible news reports connecting the viral image to the Bargi Dam accident. A closer examination of the image revealed multiple visual inconsistencies. The hands of the woman and child appear unnaturally merged at one point, while the woman’s eyebrows seem split into two sections. Such distortions are common indicators of AI-generated imagery.

We then analyzed the picture using AI detection tool Hive Moderation, which estimated nearly a 90% probability that the image was AI-generated.

‍

‍

During the research , we also found a clarification post from the official Facebook account of the Jabalpur District Collector, who stated that the viral image was AI-generated or sourced elsewhere and had no connection with the Bargi cruise accident.

‍

‍

According to a report published by NDTV on May 2, 2026, the accident occurred on April 30 near Khamaria Island when an overloaded tourist cruise capsized amid strong winds, heavy rain, and rising waves. At least nine people died, while 28 others were rescued.

‍

https://ndtv.in/madhya-pradesh-chhattisgarh/jabalpur-bargi-dam-accident-little-girl-siya-story-who-lost-brother-mother-in-incident-11438231

‍

‍

‍

Conclusion

‍

Our research  confirms that the viral mother-child image being linked to the Bargi Dam tragedy is fake. The picture was created using AI and falsely circulated in connection with the real cruise accident.

‍

Introduction:

This report examines ongoing phishing scams targeting "State Bank of India (SBI)" customers, India's biggest public bank using fake SelfKYC APKs to trick people. The image plays a part in a phishing plan to get users to download bogus APK files by claiming they need to update or confirm their "Know Your Customer (KYC)" info.

Fake Claim:

A picture making the rounds on social media comes with an APK file. It shows a phishing message that says the user's SBI YONO account will stop working because of their "Old PAN card." It then tells the user to install the "WBI APK" APK (Android Application Package) to check documents and keep their account open. This message is fake and aims to get people to download a harmful app.

Key Characteristics of the Scam:

• The messages "URGENTLY REQUIRED" and "Your account will be blocked today" show how scammers try to scare people into acting fast without thinking.
• PAN Card Reference: Crooks often use PAN card verification and KYC updates as a trick because these are normal for Indian bank customers.
• Risky APK Downloads: The message pushes people to get APK files, which can be dangerous. APKs from places other than the Google Play Store often have harmful software.
• Copying the Brand: The message looks a lot like SBI's real words and logos to seem legit.
• Shady Source: You can't find the APK they mention on Google Play or SBI's website, which means you should ignore the app right away.

Modus Operandi:

• Delivery Mechanism: Typically, users of messaging services like "WhatsApp," "SMS," or "email" receive identical messages with an APK link, which is how the scam is distributed.
• APK Installation: The phony APK frequently asks for a lot of rights once it is  installed, including access to "SMS," "contacts," "calls," and "banking apps."
• Data Theft: Once installed, the program may have the ability to steal card numbers, personal information, OTPs, and banking credentials.
• Remote Access: These APKs may occasionally allow cybercriminals to remotely take control of the victim's device in order to carry out fraudulent financial activities.

While the user installs the application on their device the following interface opens: 

‍

‍

It asks the user to allow the following:

• SMS is used to send and receive info from the bank.
• User details such as Username, Password, Mobile Number, and Captcha. 

Technical Findings of the Application:

Static Analysis:

• File Name: SBI SELF KYC_015850.apk
• Package Name: com.mark.dot.comsbione.krishn
• Scan Date: Sept. 25, 2024, 6:45 a.m.
• App Security Score: 52/100 (MEDIUM RISK)
• Grade: B

File Information:

• File Name: SBI SELF KYC_015850.apk
• Size: 2.88MB
• MD5: 55fdb5ff999656ddbfa0284d0707d9ef
• SHA1: 8821ee6475576beb86d271bc15882247f1e83630
• SHA256: 54bab6a7a0b111763c726e161aa8a6eb43d10b76bb1c19728ace50e5afa40448

App Information:

• App Name: SBl Bank
• Package Name:: com.mark.dot.comsbione.krishn
• Main Activity: com.mark.dot.comsbione.krishn.MainActivity
• Target SDK: 34
• Min SDK: 24
• Max SDK:
• Android Version Name:: 1.0
• Android Version Code:: 1

App Components:

• Activities: 8
• Services: 2
• Receivers: 2
• Providers: 1
• Exported Activities: 0
• Exported Services: 1
• Exported Receivers: 2
• Exported Providers:: 0

Certificate Information:

• Binary is signed
• v1 signature: False
• v2 signature: True
• v3 signature: False
• v4 signature: False
• X.509 Subject: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Signature Algorithm: rsassa_pkcs1v15
• Valid From: 20240904 07:38:35+00:00
• Valid To: 20490829 07:38:35+00:00
• Issuer: CN=PANDEY, OU=PANDEY, O=PANDEY, L=NK, ST=NK, C=91
• Serial Number: 0x1
• Hash Algorithm: sha256
• md5: 4536ca31b69fb68a34c6440072fca8b5
• sha1: 6f8825341186f39cfb864ba0044c034efb7cb8f4
• sha256: 6bc865a3f1371978e512fa4545850826bc29fa1d79cdedf69723b1e44bf3e23f
• sha512:05254668e1c12a2455c3224ef49a585b599d00796fab91b6f94d0b85ab48ae4b14868dabf16aa609c3b6a4b7ac14c7c8f753111b4291c4f3efa49f4edf41123d
• PublicKey Algorithm: RSA
• Bit Size: 2048
• Fingerprint: a84f890d7dfbf1514fc69313bf99aa8a826bade3927236f447af63fbb18a8ea6
• Found 1 unique certificate

‍

App Permission 

‍

‍

1. Normal Permissions

• Access_network_state: Allows the App to View the Network Status of All Networks.
• Foreground_service: Enables Regular Apps to Use Foreground Services.
• Foreground_service_data_sync: Allows Data Synchronization With Foreground Services.
• Internet: Grants Full Internet Access.

2. Signature Permission:

• Broadcast_sms: Sends Sms Received Broadcasts. It Can Be Abused by Malicious Apps to Forge Incoming Sms Messages.

3. Dangerous Permissions:

• Read_phone_numbers: Grants Access to the Device’s Phone Number(S).
• Read_phone_state: Reads the Phone’s State and Identity, Including Phone Features and Data.
• Read_sms: Allows the App to Read Sms or Mms Messages Stored on the Device or Sim Card. Malicious Apps Could Use This to Read Confidential Messages.
• Receive_sms: Enables the App to Receive and Process Sms Messages. Malicious Apps Could Monitor or Delete Messages Without Showing Them to the User.
• Send_sms: Allows the App to Send Sms Messages. Malicious Apps Could Send Messages Without the User’s Confirmation, Potentially Leading to Financial Costs.

On further analysis on virustotal platform using md5 hash file, the following results were retrieved where there are 24 security vendors out of 68, marked this apk file as malicious and the graph represents the distribution of malicious file in the environment.

‍

‍

Key Takeaways:

• Normal Permissions: Generally Safe for Accessing Basic Functionalities (Network State, Internet).
• Signature Permissions: May Pose Risks When Misused, Especially Related to Sms Broadcasts.
• Dangerous Permissions: Provide Sensitive Data Access, Such as Phone Numbers and Device Identity, Which Can Be Exploited by Malicious Apps.
• The Dangerous Permissions Pose Risks Regarding the Reading, Receiving, and Sending of Sms, Which Can Lead to Privacy Breaches or Financial Consequences.

How to Identify the Scam:

• Official Statement: SBI never asks clients to download unauthorized APKs for upgrades related to KYC or other services. All formal correspondence takes place via the SBI YONO app, which may be found in reputable app shops.
• No Immediate Threats: Bank correspondence never employs menacing language or issues harsh deadlines, such as "your account will be blocked today."
• Email Domain and SMS Number: Verified email addresses or phone numbers are used for official SBI correspondence. Generic, unauthorized numbers or addresses are frequently used in scams.
• Links and APK Files: Steer clear of downloading APK files from unreliable sources at all times. For app downloads, visit the Apple App Store or Google Play Store instead.

CyberPeace Advisory:

• The Research team recommends that people should avoid opening such messages sent via social platforms. One must always think before clicking on such links, or downloading any attachments from unauthorised sources.
• Downloading any application from any third party sources instead of the official app store should be avoided. This will greatly reduce the risk of downloading a malicious app, as official app stores have strict guidelines for app developers and review each app before it gets published on the store.
• Even if you download the application from an authorised source, check the app's permissions before you install it. Some malicious apps may request access to sensitive information or resources on your device. If an app is asking for too many permissions, it's best to avoid it.
• Keep your device and the app-store app up to date. This will ensure that you have the latest security updates and bug fixes.
• Falling into such a trap could result in a complete compromise of the system, including access to sensitive information such as microphone recordings, camera footage, text messages, contacts, pictures, videos, and even banking applications and could lead users to financial loss.
• Do not share confidential details like credentials, banking information with such types of Phishing scams.
• Never share or forward fake messages containing links on any social platform without proper verification.

Conclusion:

Fake APK phishing scams target financial institutions more often. This report outlines safety steps for SBI customers and ways to spot and steer clear of these cons. Keep in mind that legitimate banks never ask you to get an APK from shady websites or threaten to close your account right away. To stay safe, use SBI's official YONO app on both systems and get apps from trusted places like Google Play or the Apple App Store. Check if the info is true before you do anything turn on 2FA for all your bank and money accounts, and tell SBI or your local cyber police about any scams you see.

‍

Introduction

‍
India currently faces a crucial moment because its digital system experiences rapid growth while cyber criminals take advantage of this development to increase their fraudulent activities. The Department of Telecommunications (DoT) has implemented a new regulatory requirement that mandates all messaging and communication platforms to use SIM-binding technology as their primary security measure. The new rule, which starts on 1st March 2026, requires WhatsApp, Telegram, Signal and other similar applications to operate only when users have their registered SIM card present in their device. The telecom identifier restriction aims to prevent unauthorised access, but it creates significant privacy concerns, together with issues of proportionality and platform governance.

‍

Understanding the SIM-Binding Directive

‍

SIM-binding establishes direct links between communication platform accounts and the SIM cards used for registration. The application will stop working when users take out their SIM card, turn it off, or get a new SIM card. Users must re-authenticate their sessions through the main device because web-based sessions, including WhatsApp Web, will automatically log out after six hours of use. 

The Telecommunications Act, 2023 and Telecom Cyber Security Rules serve as the base legal authority for this directive. The regulation requires Telecommunication Identity User Entities (TIUEs), which identify users through mobile numbers, to maintain service access based on verified telecommunications credentials.

‍

Rationale: Addressing Cyber Fraud and Misuse

‍
The policy exists because cyber fraud activities have reached a point where they require a more powerful response. Authorities have stated that messaging applications maintain their operational capacity even after users remove their SIM cards, which allows international scammers to use Indian phone numbers for their fraudulent activities. SIM-binding aims to: 

• Restore traceability by linking active accounts to verified SIM-based identities.
• Reduce remote access abuse, which includes both account takeovers and impersonation scams.
• Stop fraudulent activities that require physical device access through the creation of permanent sessions.
• Build a system of accountability that extends throughout the telecommunications industry.

The government introduced this measure as an appropriate solution to deal with systemic vulnerabilities because reported cyber fraud losses in 2024 reached more than ₹22,800 crore.

‍

Security with Responsibility

‍

‍The system requires digital trust to be established through secure identity verification systems, which include official systems for verification and operational systems that enable governmental agencies to work together. 

CyberPeace principles require security measures to maintain three essential conditions, which are:

• They must respond to existing dangers 
• Their execution process must be open to public observation 
• They need to protect user rights, which include their right to privacy and personal independence 
• They must provide equal access while safeguarding against negative impacts on at-risk user groups. 

‍

Industry Response and Governance Challenges

‍
The directive has received diverse responses from people who work in different fields. Some platforms are testing SIM presence verification features for their upcoming changes, according to reports, while industry groups representing major technology companies have raised legal issues. They argue that the mandate may exceed the regulatory scope of the DoT and potentially conflict with constitutional protections. The existing tension demonstrates how governments face difficulties because they must protect national security while managing international platform operations and legal systems. The situation requires multiple stakeholders to work together because governments, industry, and civil society need to design policies through their collective input.

‍

Policy Insights and Recommendations

‍
The successful balanced execution of this initiative depends on these two essential elements:

1. Clear Implementation Guidelines: Organizations need to establish detailed technical standards together with compliance frameworks, which must be followed during their implementation process across various platforms. 
2. Privacy Safeguards: The telecom service provider must implement strong data protection measures that protect customer data from unauthorised access through SIM-binding technology. 
3. User Awareness and Transparency: Users should receive information about SIM-binding effects on their access rights, together with security controls, which will help them build trust and provide informed consent. 
4. Flexibility for Edge Cases: Provisions should exist for legitimate use cases such as device changes, international travel, and accessibility needs. 
5. Global Interoperability Dialogue: India should engage with global stakeholders to ensure that such measures do not fragment the digital ecosystem.

‍

Conclusion

‍
The SIM-binding directive establishes India’s defence against cyber threats by solving a specific problem that exists in digital identity verification. The system establishes CyberPeace as its fundamental base through its shift from reactive cybersecurity practices toward preventive digital governance methods. 

The system will achieve its desired results only if it effectively manages the three elements of security protection, privacy maintenance, and user convenience. SIM-binding and similar policies require ongoing assessment because their implementation affects both national security and the fundamental principles of trustworthiness, inclusiveness, and ethical digital governance.

‍

References

‍

• https://www.opindia.com/2026/02/sim-binding-to-be-implemented-from-1st-march-what-it-means-and-how-it-will-impact-users/
• https://www.ndtv.com/india-news/sim-binding-rule-set-to-change-how-whatsapp-telegram-work-in-india-from-march-1-11148903#:~:text=Under%20the%20new%20framework%2C%20messaging,is%20re%2Dinserted%20and%20authenticated.
• https://timesofindia.indiatimes.com/technology/tech-news/telecom-departments-sim-binding-rule-to-come-into-effect-from-tomorrow-march-1-what-is-sim-binding-how-it-works-and-what-it-means-for-whatsapp-users/articleshow/128879561.cms
• https://www.deccanherald.com/technology/whatsapp-begins-testing-sim-binding-in-india-3913963

‍