#FactCheck-A manipulated image showing Indian cricketer Virat Kohli allegedly watching Rahul Gandhi's media briefing on his mobile phone has been widely shared online.

A video claiming to show a Hatha yogi performing extreme penance on a snow-covered mountain amid strong icy winds is going viral on social media. In the clip, the ascetic is seen balancing on one hand in a yoga posture, while users portray the visuals as a rare example of extraordinary spiritual endurance in harsh climatic conditions.

However, an investigation by the CyberPeace Foundation has found the claim to be false. Our analysis confirms that the viral video is AI-generated and does not depict a real person or an actual event.

‍

Claim:

‍

A Instagram user shared the video with the caption:

“Hatha yogi, what kind of soil are these people made of?” The post suggests that the visuals show a real yogi performing intense meditation on a frozen mountain.

• https://www.instagram.com/reels/DTK32TvDGIJ/
• (Archive link as provided) https://perma.cc/H84M-MGXZ

‍

‍

Fact Check:

‍

To verify the claim, the CyberPeace Foundation conducted a detailed examination of the viral video.No credible or verifiable news reports were found to support the claim that such an incident ever occurred.

The viral video was analysed using the AI detection tool Deepfake-O-Meter.Its AVSRDD (2025) module flagged the video as AI-generated, confirming that the visuals were digitally created and not recorded in real life.

Multiple indicators within the footage,such as unnatural body balance, environmental inconsistencies, and visual artifacts are consistent with AI-generated content.

‍

‍

Conclusion

‍

The viral video purportedly showing a yogi meditating on a frozen mountain is not real. It has been created using artificial intelligence and is being circulated on social media with a misleading narrative. Users are advised to exercise caution and verify content before sharing such sensational claims.

‍

Overview:

‘Kia Connect’ is the application that is used to connect ‘Kia’ cars which allows the user control various parameters of the vehicle through the application on his/her smartphone. The vulnerabilities found in most Kias built after 2013 with but little exception. Most of the risks are derived from a flawed API that deals with dealer relations and vehicle coordination. 

Technical Breakdown of Exploitation:

1. API Exploitation: The attack uses the vulnerabilities in Kia’s dealership network. The researchers also noticed that, for example, the logs generated while impersonating a dealer and registering on the Kia dealer portal would be sufficient for deriving access tokens needed for next steps.

2. Accessing Vehicle Information: The license plate number allowed the attackers to get the Vehicle Identification Number (VIN) number of their preferred car. This VIN can then be used to look up more information about the car and is an essential number to determine for the shared car.

3. Information Retrieval: Having the VIN number in hand, attackers can launch a number of requests to backends to pull more sensitive information about the car owner, including:

• Name
• Email address
• Phone number
• Geographical address

4. Modifying Account Access: With this information, attackers could change the accounts settings to make them a second user on the car, thus being hidden from the actual owner of the account.

5. Executing Remote Commands: Once again, it was discovered that attackers could remotely execute different commands on the vehicle, which includes:some text
   • Unlocking doors
   • Starting the engine
   • Monitoring the location of the vehicle in terms of position.
   • Honking the horn 

Technical Execution:

The researchers demonstrated that an attacker could execute a series of four requests to gain control over a Kia vehicle:

1. Generate Dealer Token: The attacker sends an HTTP request in order to create a dealer token.

2. Retrieve Owner Information: As indicated using the generated token, they make another request to another endpoint that returns the owner’s email address and phone number.

3. Modify Access Permissions: The attacker takes advantage of the leaked information (email address and VIN) of the owner to change between users accounts and make himself the second user.

4. Execute Commands: As the last one, they can send commands to perform actions on the operated vehicle.

Security Response and Precautionary Measures for Vehicle Owners

1. Regular Software Updates: Car owners must make sure their cars receive updates on the recent software updates provided by auto producers. 
2. Use Strong Passwords: The owners of Kia Connect accounts should develop specific and complex passwords for their accounts and then update them periodically. They should avoid using numbers like the birth dates, vehicle numbers and simple passwords.
3. Enable Multi-Factor Authentication: For security, vehicle owners should turn on the use of the secondary authentication when it is available to protect against unauthorized access to an account. 
4. Limit Personal Information Sharing: Owners of vehicles should be careful with the details that are connected with the account on their car, like the e-mail or telephone number, sharing them on social networks, for example.
5. Monitor Account Activity: It is also important to monitor the account activity because of change or access attempts that are unauthorized. In case of any abnormality or anything suspicious felt while using the car, report it to Kia customer support.
6. Educate Yourself on Vehicle Security: Being aware of cyber threats that are connected to vehicles and learning about how to safeguard a vehicle from such threats.
7. Consider Disabling Remote Features When Not Needed: If remote features are not needed,  then it is better to turn them off, and then turn them on again when needed. This can prove to help diminish the attack vector for would-be hackers.

Industry Implications:

The findings from this research underscore broader issues within automotive cybersecurity:

• Web Security Gaps: Most car manufacturers pay more attention to equipment running in automobiles instead of the safety of the websites that the car uses to operate thereby exposing automobiles that are connected very much to risks.

• Continued Risks: Vehicles become increasingly connected to internet technologies. Auto makers will have to carry cyber security measures in their cars in the future.

Conclusion:

The weaknesses found in Kia’s connected car system are a key concern for Automotive security. Since cars need web connections for core services, suppliers also face the problem of risks and need to create effective safeguards. Kia took immediate actions to tighten the safety after disclosure; however, new threats will emerge as this is a dynamic domain involving connected technology. With growing awareness of these risks, it is now important for car makers not only to put in proper security measures but also to maintain customer communication on how it safeguards their information and cars against cyber dangers. That being an incredibly rapid approach to advancements in automotive technology, the key to its safety is in our capacity to shield it from ever-present cyber threats.

Reference:

• https://timesofindia.indiatimes.com/auto/cars/hackers-could-unlock-your-kia-car-with-just-a-license-plate-is-yours-safe/articleshow/113837543.cms
• https://www.thedrive.com/news/hackers-found-millions-of-kias-could-be-tracked-controlled-with-just-a-plate-number
• https://www.securityweek.com/millions-of-kia-cars-were-vulnerable-to-remote-hacking-researchers/
• https://news24online.com/auto/kia-vehicles-hack-connected-car-cybersecurity-threat/346248/
• https://www.malwarebytes.com/blog/news/2024/09/millions-of-kia-vehicles-were-vulnerable-to-remote-attacks-with-just-a-license-plate-number
• https://informationsecuritybuzz.com/kia-vulnerability-enables-remote-acces/
• https://samcurry.net/hacking-kia

‍

‍

Introduction

Cybercrime in India is developing at a rapid rate in terms of depth and volume, with culprits leveraging technology, anonymity, and social engineering to exploit unsuspecting victims. In a high-profile instance of coordinated police action, the Delhi Police Crime Branch recently cracked a large-scale pan-India cybercrime syndicate with its arms stretching across Delhi, Rajasthan, and Uttar Pradesh. The syndicate used to be involved in a range of cybercrimes, from sextortion and online fraud to fake call centres and cloning of bank accounts. With over ₹5 crore of illicit financial transactions revealed, the operation highlights the critical role of proactive cyber policing, data security and public awareness in India's war against digital crime.

A Multi-State Operation: Crime Network across States

On May 24, 2025, on receiving a tip-off, the Delhi Police conducted a specific raid in New Ashok Nagar to catch a suspect consignment said to be used for cybercrime. This resulted in a multi-layered investigation that revealed a large crime syndicate. Police recovered 28 mobile phones, 30 SIM cards, 15 debit cards, 8 cheque books, and two laptops, equipment said to have been used in crimes ranging from sextortion to fake loan scams.

Three of the initial arrests revealed the use of fake kits like pre-activated SIMs and counterfeit documents to create phoney digital identities and bank accounts. They were being used to bypass KYC norms and make untraceable transactions, illustrating how cyber thieves exploit digital identity as well as financial authentication loopholes in the system.

Fake Call Centre Falsely Claiming to be a Lender

Tracing the leads, the investigation then led the police to Mundka, a semi-residential and industrial area in Delhi, where a fake call centre in the name of a loan assistance service was operating. Suspects were allegedly operating the business. With deceptive scripts, their telemarketing staff lured victims with the offer of instant personal loans. When a prospective victim replied favorably and was willing to go further, he was asked to send identification documents and was then forced to pay a "processing fee." Once the payment was made, the accused would cut off contact immediately, leaving the victims shortchanged.

During the raid, seven individuals were apprehended, six of whom were trained tele-callers with a reasonable level of technical skill. In spite of possessing educational certificates and receiving a meagre pay of between ₹8,000 and ₹9,000 a month, these individuals had been enticed into the cybercrime network, demonstrating how educated youth are now more commonly being exploited or recruited by such scam networks in return for quick money.

Uncovering the Sextortion Racket

The most shocking disclosure was that of a sextortion racket being run from New Ashok Nagar, a residential area located in West Delhi, New Delhi. Suspects tricked victims with fraudulent Facebook profiles, contacted them on Messenger, and then changed to WhatsApp video calls. Pornographic videos were played on such calls while the reactions of the victim were secretly recorded. These were later utilised for extortion by threatening to share them with the whole world. The ability of such a group to blackmail and psychologically manipulate the victims indicates the psychological nature of cybercrime and the need for online safety education.

Impact and Significance: A Wake-Up Call for Law Enforcement and Public Awareness

This crackdown is uncovering some ominous trends that reflect the changing face of cybercrime in India. The syndicate's framework highlights the organised and multi-state nature of cybercrime, mostly operating through systemic loopholes. Misuse of social media sites and fintech apps is also rampant, and these are being leveraged for scams, sextortion, and monetary fraud. One of the most concerning trends is young people becoming more engaged in cybercrime, either out of economic necessity or enticed by easy cash. Most of these scams increasingly involve psychological manipulation, particularly in sextortion, where shame and fear are employed as tools. Digital identity fraud has also been facilitated through false documents and lenient Know Your Customer (KYC) checks, with fraudsters being able to evade verification processes.

These observations underscore the necessity of strong reporting channels. There also needs to be an urgent implementation of stringent verification standards in the telecom and banking industries, along with extensive community-level digital literacy initiatives to sensitise citizens to online threats and preventive measures.

CyberPeace Vision: Building a Safe Digital India

India needs a multi-level cyber security approach, comprising people awareness, AI-driven detection systems, and coordination of inter-state policing. Precedence needs to be given to:

• Capacity building of cyber police units.
• Real-time exchange of scam intelligence among law enforcement.
• Schools, colleges, and workplaces should be aware of digital hygiene.
• Rehabilitation of cyber-offenders, especially youth.
• Countering online misinformation and disinformation through fact-checking and public education campaigns
• Ensuring inclusivity in cyber safety policies so vulnerable populations, including rural users, senior citizens, and linguistic minorities, are not left behind

The breakdown of the syndicate is a major victory, but the absence of difficulty with which these networks function highlights the need for cybercrime prevention initiatives, not after the fact. 

Conclusion 

The Delhi Police bust of a pan-India cybercrime gang is evidence of the increasing reach and audacity of cyber crooks from one corner of India to another. From sextortion and social engineering to financial fraud and identity theft on the web, the bust demonstrates how deep and pervasive cybercrime gangs have become. It is also a reminder that anyone can get entangled and that education, awareness, and early reporting are our best defence. With India's online presence expanding day by day, our collective cyber awareness must keep pace. The fight against cybercrime will not be won only by arrests, but through a national effort to secure our digital spaces.

‍

References

1. https://indianexpress.com/article/cities/delhi/delhi-police-cyber-crime-syndicate-10047218/
2. https://www.thehindu.com/news/cities/Delhi/delhi-police-bust-pan-india-cybercrime-syndicate/article69652694.ece#:~:text=The%20Delhi%20police%20have%20dismantled,and%20an%20orchestrated%20sextortion%20racket.
3. https://cybercrime.gov.in/
4. https://www.ncrb.gov.in/
5. https://economictimes.indiatimes.com/wealth/save/online-scams-are-on-the-rise-learn-about-the-latest-tricks-fraudsters-are-using-to-identify-frauds-and-protect-yourself/articleshow/114162295.cms?from=mdr

‍