#FactCheck-Video falsely links Lt Gen Rajiv Ghai to party dance clip; actually shows content creator’s father
Executive Summary
A video circulating on social media claims to show the Deputy Chief of Army Staff and former DGMO of the Indian Army, Lieutenant General Rajiv Ghai, dancing with a young woman at a party. Users sharing the clip further allege that other junior military officers were also present at the event. CyberPeace Research Wing research found the claim to be misleading. The viral video has no connection with the Indian Army, Lt Gen Rajiv Ghai, or any official military function. The person seen in the video is actually the father of content creator Akanksha Sehgal, who has featured him in multiple videos on her social media accounts.
Claim:
A Pakistani handle ‘Baba Thoka’ shared the video on X, alleging that Lt Gen Rajiv Ghai was seen dancing with young women at a party and that junior officers were also present.
- https://x.com/ThokaReturns/status/2068069535715147896?s=20
- https://archive.ph/H9EA0
Fact Check:
A reverse image search of keyframes from the viral video led to the same clip being found on Instagram handle ‘akku_sehgal_’, posted on December 14, 2025. The video caption read: “POV – when your dad and your music taste match.”
Further examination of the content creator Akanksha Sehgal’s Instagram profile showed multiple videos featuring the same father-daughter duo, confirming that the man in the viral clip frequently appears in her content.
Conclusion:
The viral video claiming to show Lieutenant General Rajiv Ghai dancing at a party is misleading. The individual seen in the video is not the senior Indian Army officer but the father of content creator Akanksha Sehgal.
Related Blogs
Executive Summary
Amid the ongoing war between the United States–Israel alliance and Iran since February 28, 2026, two videos are going viral across social media platforms. The clips show people running in panic, with visuals suggesting a large-scale attack. Users are sharing these videos with the claim that they depict Iran’s recent strikes on Israel. However, a research by the CyberPeace has found both claims to be false. The viral posts are misleading, as the videos are actually from the 9/11 terrorist attacks on the World Trade Center in New York, United States. They have no connection to the current conflict involving Iran or Israel.
Claim
A Facebook page titled ‘Bihar Ko Nihar’ shared one of the videos on March 25, 2026, with the caption: “Iran has launched its most powerful attack on Israel so far. Thousands of soldiers are reported dead, triggering massive protests within the country, and Israel appears completely helpless.” Similarly, another video is being circulated with the false claim that Iran has launched a missile attack on the United States.
The above claims are being widely shared by multiple users across different social media platforms. Archived versions of these posts are also available.
- https://www.facebook.com/reel/4317571078525937
- https://www.facebook.com/reel/1485000739860984
- https://perma.cc/E98R-A4CT
Fact Check
To verify the authenticity of the videos, keyframes were extracted and analyzed using Google Lens. The first viral clip was traced back to a YouTube video uploaded on September 11, 2007, by a channel named ‘Jumperwtc’, which clearly identifies the footage as being from the World Trade Center attacks in the United States. This confirms that the viral video is a segment from that older footage.
For the second video, reverse image searches led to a report published on CBS8.com on September 10, 2021, where the same visuals were found. Further reesearch revealed that the footage also appears in a video uploaded on September 11, 2021, by the YouTube channel ‘CBS 8 San Diego’. The viral segment can be seen around the 1:11 timestamp in that video.
Conclusion
Both viral videos being shared as recent attacks by Iran on Israel or the United States are actually old clips from the 9/11 attacks on the World Trade Center in New York. The claims are false, and the videos are unrelated to the ongoing conflict in West Asia.
Introduction
The digital realm is evolving at a rapid pace, revolutionising cyberspace at a breakneck speed. However, this dynamic growth has left several operational and regulatory lacunae in the fabric of cyberspace, which are exploited by cybercriminals for their ulterior motives. One of the threats that emerged rapidly in 2024 is proxyjacking, in which vulnerable systems are exploited by cyber criminals to sell their bandwidth to third-party proxy servers. This cyber threat poses a significant threat to organisations and individual servers.
Proxyjacking is a kind of cyber attack that leverages legit bandwidth sharing services such as Peer2Profit and HoneyGain. These are legitimate platforms but proxyjacking occurs when such services are exploited without user consent. These services provide the opportunity to monetize their surplus internet bandwidth by sharing with other users. The model itself is harmless but provides an avenue for numerous cyber hostilities. The participants install net-sharing software and add the participating system to the proxy network, enabling users to route their traffic through the system. This setup intends to enhance privacy and provide access to geo-locked content.
The Modus Operandi
These systems are hijacked by cybercriminals, who sell the bandwidth of infected devices. This is achieved by establishing Secure Shell (SSH) connections to vulnerable servers. While hackers rarely use honeypots to render elaborate scams, the technical possibility of them doing so cannot be discounted. Cowrie Honeypots, for instance, are engineered to emulate UNIX systems. Attackers can use similar tactics to gain unauthorized access to poorly secured systems. Once inside the system, attackers utilise legit tools such as public docker images to take over proxy monetization services. These tools are undetectable to anti-malware software due to being genuine software in and of themselves. Endpoint detection and response (EDR) tools also struggle with the same threats.
The Major Challenges
Limitation Of Current Safeguards – current malware detection software is unable to distinguish between malicious and genuine use of bandwidth services, as the nature of the attack is not inherently malicious.
Bigger Threat Than Crypto-Jacking – Proxyjacking poses a bigger threat than cryptojacking, where systems are compromised to mine crypto-currency. Proxyjacking uses minimal system resources rendering it more challenging to identify. As such, proxyjacking offers perpetrators a higher degree of stealth because it is a resource-light technique, whereas cryptojacking can leave CPU and GPU usage footprints.
Role of Technology in the Fight Against Proxyjacking
Advanced Safety Measures- Implementing advanced safety measures is crucial in combating proxyjacking. Network monitoring tools can help detect unusual traffic patterns indicative of proxyjacking. Key-based authentication for SSH can significantly reduce the risk of unauthorized access, ensuring that only trusted devices can establish connections. Intrusion Detection Systems and Intrusion Prevention Systems can go a long way towards monitoring unusual outbound traffic.
Robust Verification Processes- sharing services must adopt robust verification processes to ensure that only legitimate users are sharing bandwidth. This could include stricter identity verification methods and continuous monitoring of user activities to identify and block suspicious behaviour.
Policy Recommendations
Verification for Bandwidth Sharing Services – Mandatory verification standards should be enforced for bandwidth-sharing services, including stringent Know Your Customer (KYC) protocols to verify the identity of users. A strong regulatory body would ensure proper compliance with verification standards and impose penalties. The transparency reports must document the user base, verification processes and incidents.
Robust SSH Security Protocols – Key-based authentication for SSH across organisations should be mandated, to neutralize the risk of brute force attacks. Mandatory security audits of SSH configuration within organisations to ensure best practices are complied with and vulnerabilities are identified will help. Detailed logging of SSH attempts will streamline the process of identification and investigation of suspicious behaviour.
Effective Anomaly Detection System – Design a standard anomaly detection system to monitor networks. The industry-wide detection system should focus on detecting inconsistencies in traffic patterns indicating proxy-jacking. Establishing mandatory protocols for incident reporting to centralised authority should be implemented. The system should incorporate machine learning in order to stay abreast with evolving attack methodologies.
Framework for Incident Response – A national framework should include guidelines for investigation, response and remediation to be followed by organisations. A centralized database can be used for logging and tracking all proxy hacking incidents, allowing for information sharing on a real-time basis. This mechanism will aid in identifying emerging trends and common attack vectors.
Whistleblower Incentives – Enacting whistleblower protection laws will ensure the proper safety of individuals reporting proxyjacking activities. Monetary rewards provide extra incentives and motivate individuals to join whistleblowing programs. To provide further protection to whistleblowers, secure communication channels can be established which will ensure full anonymity to individuals.
Conclusion
Proxyjacking represents an insidious and complicated threat in cyberspace. By exploiting legitimate bandwidth-sharing services, cybercriminals can profit while remaining entirely anonymous. Addressing this issue requires a multifaceted approach, including advanced anomaly detection systems, effective verification systems, and comprehensive incident response frameworks. These measures of strong cyber awareness among netizens will ensure a healthy and robust cyberspace.
References
- https://gridinsoft.com/blogs/what-is-proxyjacking/
- https://www.darkreading.com/cyber-risk/ssh-servers-hit-in-proxyjacking-cyberattacks
- https://therecord.media/hackers-use-log4j-in-proxyjacking-scheme
Executive Summary
Mumbai’s Mira–Bhayandar bridge has recently been in the news due to its unusual design. In this context, a photograph is going viral on social media showing a bus seemingly stuck on the bridge. Some users are also sharing the image while claiming that it is from Sonpur subdivision in Bihar. However, an research by the CyberPeace has found that the viral image is not real. The bridge shown in the image is indeed the Mira–Bhayandar bridge, which is under discussion because its design causes it to suddenly narrow from four lanes to two lanes. That said, the bridge is not yet operational, and the viral image showing a bus stuck on it has been created using Artificial Intelligence (AI).
Claim
An Instagram user shared the viral image on January 29, 2026, with the caption:“Are Indian taxpayers happy to see that this is funded by their money?” The link, archive link, and screenshot of the post can be seen below.
Fact Check:
To verify the claim, we first conducted a Google Lens reverse image search. This led us to a post shared by X (formerly Twitter) user Manoj Arora on January 29. While the bridge structure in that image matches the viral photo, no bus is visible in the original post.This raised suspicion that the viral image had been digitally manipulated.
We then ran the viral image through the AI detection tool Hive Moderation, which flagged it as over 99% likely to be AI-generated
Conclusion
The CyberPeace research confirms that while the Mira–Bhayandar bridge is real and has been in the news due to its design, the viral image showing a bus stuck on the bridge has been created using AI tools. Therefore, the image circulating on social media is misleading.
