#FactCheck -Analysis Reveals AI-Generated Anomalies in Viral ‘Russia Snow Jump’ Video”
Executive Summary
A dramatic video showing several people jumping from the upper floors of a building into what appears to be thick snow has been circulating on social media, with users claiming that it captures a real incident in Russia during heavy snowfall. In the footage, individuals can be seen leaping one after another from a multi-storey structure onto a snow-covered surface below, eliciting reactions ranging from amusement to concern. The claim accompanying the video suggests that it depicts a reckless real-life episode in a snow-hit region of Russia.
A thorough analysis by CyberPeace confirmed that the video is not a real-world recording but an AI-generated creation. The footage exhibits multiple signs of synthetic media, including unnatural human movements, inconsistent physics, blurred or distorted edges, and a glossy, computer-rendered appearance. In some frames, a partial watermark from an AI video generation tool is visible. Further verification using the Hive Moderation AI-detection platform indicated that 98.7% of the video is AI-generated, confirming that the clip is entirely digitally created and does not depict any actual incident in Russia.
Claim:
The video was shared on social media by an X (formerly Twitter) user ‘Report Minds’ on January 25, claiming it showed a real-life event in Russia. The post caption read: "People jumping off from a building during serious snow in Russia. This is funny, how they jumped from a storey building. Those kids shouldn't be trying this. It's dangerous." Here is the link to the post, and below is a screenshot.
Fact Check:
The Desk used the InVid tool to extract keyframes from the viral video and conducted a reverse image search, which revealed multiple instances of the same video shared by other users with similar claims. Upon close visual examination, several anomalies were observed, including unnatural human movements, blurred and distorted sections, a glossy, digitally-rendered appearance, and a partially concealed logo of the AI video generation tool ‘Sora AI’ visible in certain frames. Screenshots highlighting these inconsistencies were captured during the research .
- https://x.com/DailyLoud/status/2015107152772297086?s=20
- https://x.com/75secondes/status/2015134928745164848?s=20
The video was analyzed on Hive Moderation, an AI-detection platform, which confirmed that 98.7% of the content is AI-generated.
The viral video showing people jumping off a building into snow, claimed to depict a real incident in Russia, is entirely AI-generated. Social media users who shared it presented the digitally created footage as if it were real, making the claim false and misleading.
Related Blogs
Introduction
In recent years, India has seen tremendous growth in its space industry. The satellite infrastructure of India now provides key services to a variety of sectors, including communication, navigation, broadcasting, disaster management and national security operations. Satellite communications globally will connect remote communities, aid in the delivery of Digital Governance and support India's strategic military capabilities. Given the expanding space ecosystem in India with the involvement of the public sector, private sector and research institutions, the security of satellite communications is becoming increasingly important.
At the same time, as satellite communication technologies become more pervasive, the risk of cyber threats targeting space systems increases. Cyberattacks against satellites, ground terminals or communication networks may critically impact, disrupt, damage, and/or destroy essential services, and expose sensitive information. To mitigate these risks, CERT-In (Computer Emergency Response Team), in collaboration with the SatCom Industry Association of India released a Cyber Security Framework and Guidelines for Space Platforms/Systems, including Satellite Communication, in 2026. This framework aims to establish and enhance cybersecurity measures throughout India's space ecosystem, while guiding how to better prepare for and respond to the growing volume of cyber threat activity targeting Space Systems.
Overview of the CERT-In Space Cybersecurity Framework
CERT-In introduced a dedicated cybersecurity framework for space systems in February 2026. Developed in collaboration with industry stakeholders, the framework provides guidelines to strengthen the security of satellite communication infrastructure across India. Although the guidelines are advisory in nature, they are designed to promote best practices and encourage organisations to adopt robust cybersecurity measures.
The framework targets a wide range of stakeholders involved in satellite communication operations. These include government agencies, satellite operators, ground station operators, equipment manufacturers, technology vendors, and emerging space startups. By outlining cybersecurity principles, technical controls, and governance mechanisms, the framework aims to create a coordinated approach to protecting space assets.
Another key objective of the guidelines is to foster collaboration between the public and private sectors. As India’s space industry expands and private participation increases, maintaining a secure and resilient ecosystem becomes essential. The framework, therefore, emphasises risk management, incident reporting, and continuous monitoring to strengthen the overall cybersecurity posture of the space sector.
Key Components of Satellite Communication Systems
Satellite communication systems are made up of multiple interconnected devices that can be used to deliver communication services. The cybersecurity framework groups these elements into three categories: the space segment, the ground segment, and the user segment.
The space segment is everything related to the satellite itself, including the satellite's onboard systems. This includes the satellite's communication payload, telemetry systems, antennas, power systems, and software that controls its operation. Because satellites operate in remote parts of space with very little opportunity for maintenance, securing these systems is critical in order to guard against unauthorized access to or control of these systems.
The ground segment comprises the terrestrial infrastructure responsible for controlling the satellite's operations. It consists of satellite mission control centres, ground stations, network gateways and data processing facilities. The ground stations send commands to the satellites and receive telemetry data from the satellites, which makes the ground station a very important physical interface point between the satellite asset located in outer space and a terrestrial network.
The user segment contains any device terminal being used by either an individual or an organisation that is accessing a satellite service. Examples of user devices are satellite phones, VSAT terminals, modems, and IoT devices connected to satellite networks. Since these devices connect directly to the communication networks, vulnerabilities in user equipment could also represent a significant threat to the cybersecurity of satellite communications.
Major Cyber Threats to Space Infrastructure
The space systems that support the delivery of satellite communications are being increasingly targeted with multiple types of cyber threats. A major category includes cyber-attacks on communication links between satellites and ground stations. Cyber criminals can attempt to jam the satellite’s communication link, intercept communication signals, or re-transmit previously sent communication signals in order to disrupt the operation of the affected satellites.
Attacks on the systems that control the satellite are serious threats to satellite operations. Cybercriminals and hostile actors can perform command injection attacks where commands are sent to a satellite, and the satellite responds through some undesired action. If cybercriminals are able to gain access to the telemetry or command channels, they can potentially disrupt the operation of the satellite or alter the telemetry data being received from the satellite.
The ground infrastructure that supports satellite communications is still a major target for cybercriminals. Mission control networks and data centres are susceptible to malware, ransomware, phishing, and insider threats. Attackers will frequently target ground stations because they provide a connection point to terrestrial networks and can exploit vulnerabilities from the ground station’s IT systems into the satellite control systems. The combination of these threats illustrates the need for an overall security strategy that encompasses all parts of the satellite communications ecosystem.
Key Security Principles and Measures
A comprehensive overview of multiple principles designed to increase the security of satellite communications is provided in the CERT-In Framework on Cybersecurity for Satellite Communications. The first of these principles, security by design, refers to ensuring that all cybersecurity controls associated with a system are implemented at the time of the system's initial design and development, not afterwards; therefore, security controls should be incorporated throughout the entire lifecycle of a satellite system.
The second principle, which is known as Defense-in-Depth, consists of implementing many different layers or tiers of security controls to protect a system against cyber threats or attacks. An example of the different categories of security controls includes physical security, network security, and access control, among others. By combining security controls across multiple categories, an organisation may be able to reduce the chance that one single vulnerability will result in the loss of the entire system.
The third principle in the Framework, Zero Trust Architecture (ZTA): Users and/or devices located within a network should not be able to rely on implicit trust. Therefore, every request for access to the network will be verified and continuously monitored for potential threats.
The previous two principles stated that secure satellite communications should be conducted using strong encryption and authentication methods, as well as secure communications methods, and that an enterprise monitoring system would be put into place to help detect anomalies or suspicious behaviour.
Conclusion
India is taking an important step toward protecting its expanding space ecosystem by creating a cybersecurity framework to safeguard cyberspace systems from cyber threats. The CERT-In guidelines offer a structured means of reducing the likelihood of cyber threats impacting satellite communication infrastructure through secure system design, continuous monitoring of systems and creating consistent partnerships among organisations. As well as providing evidence that both government and private sector organisations share a collective responsibility for the protection of space assets, both sectors participate in a collaborative effort.
India will need to implement rigorous cybersecurity measures as it expands its space infrastructure in order to ensure the continued availability of critical space infrastructure and ultimately develop its existing commercial satellite business operations with the highest level of safety and security.
References
- https://www.cert-in.org.in/s2cMainServlet?pageid=GUIDLNVIEW02&refcode=CISG-2026-01
- https://www.pib.gov.in/PressReleasePage.aspx?PRID=2233122®=3&lang=1
Executive Summary
A video is being widely shared on social media linking it to the ongoing tensions between Israel and Iran. The clip shows multiple fighter jets flying across the sky, while massive flames appear to be rising from tall buildings below. The visuals are dramatic and alarming, creating the impression of a large-scale military strike. Users sharing the video claim that after Israel carried out an attack, Iran launched a retaliatory strike on Israel, and that the viral footage captures the aftermath of this counterattack. However, research conducted by the CyberPeace found the claim to be misleading. Our research revealed that the viral video is not authentic but AI-generated.
Claim
On the social media platform Facebook, a user shared the viral video with the caption: “Iran has also carried out a retaliatory attack on Israel.”
(Post link and archive link provided above.)
Factcheck
Upon closely examining the video, we noticed several irregularities in the visuals and motion patterns, which raised suspicion that the footage may have been generated using artificial intelligence. To verify this, we analyzed the video using the AI detection tool developed by Hive Moderation. According to the analysis report, there is a 62 percent likelihood that the viral video is AI-generated.
As part of further verification, we also scanned the video using Sightengine. The results indicated an even stronger probability, suggesting that the video is 99 percent AI-generated.
Conclusion
Our research confirms that the viral video does not depict a real military attack. It is AI-generated content being falsely shared in the context of Israel-Iran tensions.
Introduction
The digital realm is evolving at a rapid pace, revolutionising cyberspace at a breakneck speed. However, this dynamic growth has left several operational and regulatory lacunae in the fabric of cyberspace, which are exploited by cybercriminals for their ulterior motives. One of the threats that emerged rapidly in 2024 is proxyjacking, in which vulnerable systems are exploited by cyber criminals to sell their bandwidth to third-party proxy servers. This cyber threat poses a significant threat to organisations and individual servers.
Proxyjacking is a kind of cyber attack that leverages legit bandwidth sharing services such as Peer2Profit and HoneyGain. These are legitimate platforms but proxyjacking occurs when such services are exploited without user consent. These services provide the opportunity to monetize their surplus internet bandwidth by sharing with other users. The model itself is harmless but provides an avenue for numerous cyber hostilities. The participants install net-sharing software and add the participating system to the proxy network, enabling users to route their traffic through the system. This setup intends to enhance privacy and provide access to geo-locked content.
The Modus Operandi
These systems are hijacked by cybercriminals, who sell the bandwidth of infected devices. This is achieved by establishing Secure Shell (SSH) connections to vulnerable servers. While hackers rarely use honeypots to render elaborate scams, the technical possibility of them doing so cannot be discounted. Cowrie Honeypots, for instance, are engineered to emulate UNIX systems. Attackers can use similar tactics to gain unauthorized access to poorly secured systems. Once inside the system, attackers utilise legit tools such as public docker images to take over proxy monetization services. These tools are undetectable to anti-malware software due to being genuine software in and of themselves. Endpoint detection and response (EDR) tools also struggle with the same threats.
The Major Challenges
Limitation Of Current Safeguards – current malware detection software is unable to distinguish between malicious and genuine use of bandwidth services, as the nature of the attack is not inherently malicious.
Bigger Threat Than Crypto-Jacking – Proxyjacking poses a bigger threat than cryptojacking, where systems are compromised to mine crypto-currency. Proxyjacking uses minimal system resources rendering it more challenging to identify. As such, proxyjacking offers perpetrators a higher degree of stealth because it is a resource-light technique, whereas cryptojacking can leave CPU and GPU usage footprints.
Role of Technology in the Fight Against Proxyjacking
Advanced Safety Measures- Implementing advanced safety measures is crucial in combating proxyjacking. Network monitoring tools can help detect unusual traffic patterns indicative of proxyjacking. Key-based authentication for SSH can significantly reduce the risk of unauthorized access, ensuring that only trusted devices can establish connections. Intrusion Detection Systems and Intrusion Prevention Systems can go a long way towards monitoring unusual outbound traffic.
Robust Verification Processes- sharing services must adopt robust verification processes to ensure that only legitimate users are sharing bandwidth. This could include stricter identity verification methods and continuous monitoring of user activities to identify and block suspicious behaviour.
Policy Recommendations
Verification for Bandwidth Sharing Services – Mandatory verification standards should be enforced for bandwidth-sharing services, including stringent Know Your Customer (KYC) protocols to verify the identity of users. A strong regulatory body would ensure proper compliance with verification standards and impose penalties. The transparency reports must document the user base, verification processes and incidents.
Robust SSH Security Protocols – Key-based authentication for SSH across organisations should be mandated, to neutralize the risk of brute force attacks. Mandatory security audits of SSH configuration within organisations to ensure best practices are complied with and vulnerabilities are identified will help. Detailed logging of SSH attempts will streamline the process of identification and investigation of suspicious behaviour.
Effective Anomaly Detection System – Design a standard anomaly detection system to monitor networks. The industry-wide detection system should focus on detecting inconsistencies in traffic patterns indicating proxy-jacking. Establishing mandatory protocols for incident reporting to centralised authority should be implemented. The system should incorporate machine learning in order to stay abreast with evolving attack methodologies.
Framework for Incident Response – A national framework should include guidelines for investigation, response and remediation to be followed by organisations. A centralized database can be used for logging and tracking all proxy hacking incidents, allowing for information sharing on a real-time basis. This mechanism will aid in identifying emerging trends and common attack vectors.
Whistleblower Incentives – Enacting whistleblower protection laws will ensure the proper safety of individuals reporting proxyjacking activities. Monetary rewards provide extra incentives and motivate individuals to join whistleblowing programs. To provide further protection to whistleblowers, secure communication channels can be established which will ensure full anonymity to individuals.
Conclusion
Proxyjacking represents an insidious and complicated threat in cyberspace. By exploiting legitimate bandwidth-sharing services, cybercriminals can profit while remaining entirely anonymous. Addressing this issue requires a multifaceted approach, including advanced anomaly detection systems, effective verification systems, and comprehensive incident response frameworks. These measures of strong cyber awareness among netizens will ensure a healthy and robust cyberspace.
References
- https://gridinsoft.com/blogs/what-is-proxyjacking/
- https://www.darkreading.com/cyber-risk/ssh-servers-hit-in-proxyjacking-cyberattacks
- https://therecord.media/hackers-use-log4j-in-proxyjacking-scheme
