#FactCheck- Burning Helicopter Video Not From Iran, Dates Back to 2020 Syria
Research Wing
Innovation and Research
PUBLISHED ON
Apr 20, 2026
10
Executive Summary
A video showing a helicopter engulfed in flames is being widely circulated on social media with the claim that it depicts an American Black Hawk helicopter shot down by Iran during the ongoing Middle East conflict. However, research by the CyberPeace Research Wing found the claim to be false. The viral footage is old and dates back to February 2020, showing a helicopter shot down in Syria, not Iran.
Claim
A Facebook post shared from Nigeria on April 6, 2026, claimed: “The moment an American Black Hawk helicopter was struck by an Iranian heat-seeking missile.” The post, which has been shared over 100 times, includes a 50-second video showing a helicopter exploding mid-air and crashing to the ground.
On April 3, a US F-15E Strike Eagle was reportedly shot down over Iran, marking the first such incident since the start of the ongoing Middle East conflict.
Two Black Hawk helicopter deployed for a search-and-rescue mission for the jet’s crew were also hit by Iranian fire but managed to return to base, despite some crew members being injured.
US President Donald Trump had earlier announced the recovery of a missing pilot, describing it as “one of the most daring search and rescue operations in US history. ”
However, the viral video being shared as evidence of the downing of a US aircraft predates these events. Using reverse image search on keyframes from the clip, we found a longer version published by Euronews on February 11, 2020. The Arabic title of the video translates to: “Syrian regime helicopter shot down in Idlib, two pilots killed.” Reports indicate that the incident occurred in Idlib, Syria, in February 2020, where a military helicopter was shot down and caught fire before crashing.
The viral claim is false. The footage does not show an American helicopter shot down by Iran. Instead, it is an old video from February 2020 depicting a helicopter crash in Syria, which is being shared with a misleading and unrelated narrative.
A video of US Secretary of State Marco Rubio is rapidly going viral on social media, in which he can allegedly be heard making a statement regarding the 2025 India-Pakistan conflict. Along with the video, it is being claimed that the US played a crucial role in ending the conflict between the two countries, but India was the first to initiate a ceasefire with Pakistan. Users are sharing this video believing it to be true.
Research by the CyberPeace Research Wing revealed that the video has been digitally manipulated. Rubio did state that the United States played a role in ending the conflict, but he never said that India was the first to request a ceasefire from Pakistan. This alleged statement was not part of the original video and was added later to alter the clip.
Claim
A user on a Facebook page shared the viral video and wrote, "Marco Rubio's statement has clearly brought out the truth, weakening India's claim. During 'Maarka-e-Haq', after suffering heavy losses, India was the first party to request a ceasefire from Pakistan. This highlights the gap between India's public claims and the ground reality, where the military..." The post link, archive link, and screenshot can be seen below. https://www.facebook.com/reel/1015648544746728
We investigated the viral video using the InVid tool and extracted several of its keyframes. These keyframes were then subjected to a reverse image search via Google Lens. The investigation revealed that the exact same video had been shared on social media previously, showing the same background and setting. The post link and screenshot can be seen below.
In the next step of our investigation, we found a video published on Reuters' official YouTube channel on June 2, 2026, whose background matches the viral video. However, nowhere in this original video is Marco Rubio heard saying that India was the first to request a ceasefire from Pakistan. The post link and screenshot can be seen below.
At the 2-hour 8-minute 55-second mark of the Reuters video, Rubio only states that the US played a role in ending the India-Pakistan conflict. Following this, he discusses the Thailand-Cambodia conflict. This makes it clear that the alleged statement in the viral video was digitally added or edited in, and is not part of the original footage.
Taking the investigation further, we scanned the suspicious audio portion of the viral video using the AI detection tool 'Resemble AI'. According to the analysis results, clear signs of audio manipulation were detected.
Conclusion:
Our investigation revealed that the video has been digitally manipulated. Rubio did state that the United States played a role in ending the conflict, but he never said that India was the first to request a ceasefire from Pakistan. This alleged statement was not part of the original video and was altered by adding it later.
Over the past decade, India has experienced a rapid digitalisation process. The rise of digital financial services, affordable internet costs, and the penetration of smartphones have transformed the way people communicate, transact and do business online.
Online payment systems, including Unified Payments Interface (UPI), have enabled real-time transactions between banks and financial systems. As much as these systems have enhanced access to finance and efficiency, they have also created new opportunities for cybercriminals.
Cybercrime has evolved alongside the shift of financial and social interactions to digital platforms. The fraud attacks on online payments, online banking, and personal information have become common and increasingly costly.
To analyse the scale and trend of cybercrime in India, this analysis will use the datasets released by the National Crime Records Bureau (NCRB) and financial fraud data released by the Indian Cyber Crime Coordination Centre (I4C) under the Ministry of Home Affairs.
The data released by the NCRB documents cybercrime incidents registered by the police at the national level under the Information Technology Act, 2000 (IT Act) and criminal provisions covering offences such as cheating, impersonation, and digital fraud. In the past, the offences were listed in the provisions of the Indian Penal Code (IPC). Following criminal law reforms in India, on 1 July 2024, the Bharatiya Nyaya Sanhita (BNS), which replaced the IPC, came into force. Section 419 (cheating by impersonation), IPC, would be related to BNS Section 319 and Section 420 (cheating and dishonestly inducing delivery of property), which would be related to BNS Section 318(4). Similarly, crimes involving forgery and use of forged documents or electronic documents, which were previously contained in the IPC Sections 465-471, are dealt with in BNS Sections 335-340.
The data published by the NCRB represent the number of crimes that reached the point of the First Information Report (FIR) registration, meaning they reflect only cybercrime cases that were formally presented to the law enforcement system to investigate, rather than all complaints reported. The data shows that cybercrime cases increased from 27,248 in 2018 to 86,420 in 2023, a 3.17-fold increase in 5 years.
Two structural shifts are visible: the post-pandemic jump and subsequent acceleration.
However, these figures likely underestimate the true scale of cybercrime because many incidents are reported only through online complaint portals and may not result in FIR registration.
This dataset tracks financial fraud complaints reported through the National Cyber Crime Reporting Portal (NCRP) and the estimated financial losses associated with those complaints.
The financial losses reported between 2021 and 2024 increased by 41 times over four years, compared to 2021, from 551 crore to 22,848 crore. At the same time, the number of complaints rose from 262,846 to over 1.9 million, an increase of ~623%, indicating both rising victimisation and greater public awareness of reporting mechanisms.
The contrast between these two trends is striking:
While complaints increased by around 7 times, financial losses increased by over 40 times.
Distribution of Cyber-Fraud Complaints and Financial Losses by Fraud Type
This divergence implies an uneven relationship between the number of incidents and the financial damage that they inflict. Most cyber fraud incidents involve relatively small transaction values; however, a smaller group of fraud categories result in disproportionate numbers of financial losses.
Distribution of Financial Losses Across Major Cyber-Fraud Categories in India
As reported by The Indian Express, based on the data compiled by the I4C, investment-related scams alone account for roughly 77% of reported cyber-fraud losses, followed by smaller shares from “digital arrest” scams (8%), credit card fraud (7%), sextortion (4%), e-commerce fraud (3%), and malware or app-based fraud (1%). This distribution means that even though scams with lower values, like phishing, OTP fraud, and small payment fraud, produce a high proportion of complaints, few categories of fraud produce most of the financial losses.
Analysis
1. Cybercrime is expanding faster than most traditional crimes: The fact that cybercrime cases have tripled in five years shows that cyber offences are presently becoming a significant element of Indian crime. Unlike conventional crimes that require physical proximity, cybercrime can be conducted remotely and at scale, enabling perpetrators to target large numbers of victims simultaneously.
2. Financial losses are concentrated in a small set of fraud categories: As cases of cybercrimes have been on the increase, the monetary losses of digital fraud cases have been increasing at a higher rate. The fact that the number of reported financial losses has increased 40 times in 4 years indicates that cybercrime has a very high economic impact.
3. Complaint volumes and financial damage follow different patterns: When comparing complaints and financial losses, it is evident that cyber fraud losses are unevenly distributed across types of incidents. Most of the prevalent scams reported, including phishing or OTP fraud, involve relatively small transaction values but yield a high portion of complaints. Conversely, fewer categories of fraud, especially investment-based schemes, contribute a significantly higher percentage of total financial losses.
4. Digital financial infrastructure has expanded the attack surface: India’s rapid adoption of digital payment systems, mobile banking and digital financial systems has dramatically increased the number of potential victims of cybercriminals. The scale of online transactions creates new vulnerabilities that organised cybercrime networks take advantage of.
5. Reporting improvements reveal previously hidden crime: The expansion of national reporting systems has enhanced the transparency in the trends of cybercrime. The increase in the number of complaints recorded is partially due to improved reporting systems and not necessarily to the increased criminal activity, meaning that previous data might have understated the magnitude of cyber fraud.
Recommendations
1. Move from reactive policing to proactive cyber-risk monitoring: The conventional models of policing focus on investigation of crimes that have already taken place. With such a magnitude and pace of cyber fraud, India should have systems that are designed to detect and prevent the fraud at its early stages, such as real-time observation of suspicious patterns in transactions by financial institutions.
2. Strengthen financial intelligence sharing across institutions: There are a lot of instances of cyber fraud that use more than one bank, payment system, and telecommunication provider. To detect new networks of fraud sooner, it can be suggested to establish more information-sharing measures between the financial institution and law enforcement agencies.
3. Target organised cyber fraud networks rather than individual incidents: Many digital scams operate through organised networks that coordinate phishing, mule accounts, and fake payment channels. The solution in regard to this involves dismantling these networks through investigative procedures instead of treating incidents on a case-by-case basis.
4. Improve recovery mechanisms for stolen funds: The recovery of the funds lost is one of the most difficult issues in cases of cyber fraud. Expanding systems such as the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) can improve the speed at which fraudulent transactions are frozen or reversed.
5. Strengthen digital financial literacy: A significant percentage of cyber frauds are based on social engineering methods that take advantage of user behaviour as opposed to technical weaknesses. Victimisation can be greatly reduced through specific public awareness efforts on typical scam schemes.
Conclusion
India’s experience illustrates a broader global trend: as economies digitise, crime increasingly follows the flow of digital money. While cybercrime incidents are rising steadily, the much faster growth in financial losses suggests that cybercriminals are becoming more organised, technologically sophisticated, and economically motivated.
Following a recent protest at Delhi’s Jantar Mantar, members of the self-styled “Cockroach Janata Party” also staged a demonstration in Pune, Maharashtra, demanding the resignation of Union Education Minister Dharmendra Pradhan. Amid this backdrop, a photograph has gone viral on social media purportedly showing the party’s founder, Abhijeet Dipke, posing with Prime Minister Narendra Modi. CyberPeace Research Wing research found that the image is not genuine. The photograph has been created using Artificial Intelligence (AI) and does not depict a real meeting between the two individuals.
Claim
An X user, “subhash Kumar sharma,” shared the viral image on June 8, 2026, with the caption: “This is the real face of the Cockroach... the rest you all understand. They were begging for Pradhan’s resignation at Jantar Mantar… did they get it or not?” The archived and original links to the post can be seen below:
To verify the claim, we conducted a reverse image search using Google. However, we did not find any credible news reports related to the viral photograph. We also searched using relevant keywords, but no reliable information supporting the claim was found. We then examined the official X account of Abhijeet Dipke, founder of the “Cockroach Janata Party.” No post, photograph, or information related to any meeting with Prime Minister Narendra Modi was found on his account.
The absence of any credible evidence led us to suspect that the image may have been generated using AI. To further verify its authenticity, we analyzed the image using AI-detection tools. The first tool, Hive Moderation, indicated a nearly 99 percent probability that the image was AI-generated. The analysis also suggested signs consistent with content produced by generative AI models.
We then examined the image using another AI-detection platform, Sightengine. Its analysis likewise indicated a 99 percent likelihood that the image was AI-generated and showed characteristics commonly associated with AI-created visuals.
Conclusion
Our research found that the claim accompanying the viral image is false. The photograph purportedly showing Prime Minister Narendra Modi with Cockroach Janata Party founder Abhijeet Dipke is not real. The image has been generated using Artificial Intelligence and does not represent an actual meeting or event.
Become a part of our vision to make the digital world safe for all!
Numerous avenues exist for individuals to unite with us and our collaborators in fostering global cyber security
Awareness
Stay Informed: Elevate Your Awareness with Our Latest Events and News Articles Promoting Cyber Peace and Security.
Your institution or organization can partner with us in any one of our initiatives or policy research activities and complement the region-specific resources and talent we need.