#FactCheck : Iraq Religious Gathering Video Misused as Khamenei Funeral Footage

Introduction

This tale, the Toothbrush Hack, straddles the ordinary and the sophisticated; an unassuming household item became the tool for committing cyber crime. Herein lies the account of how three million electronic toothbrushes turned into the unwitting infantry in a cyber skirmish—a Distributed Denial of Service (DDoS) assault that flirted with the thin line that bridges the real and the outlandish.

In January, within the  Swiss borders, a story began circulating—first reported by the Aargauer Zeitung, a Swiss German-language daily newspaper. A legion of cybercriminals, with honed digital acumen, had planted malware on some three million electric toothbrushes. These devices, mere slivers of plastic and circuitry, became agents of chaos, converging their electronic requests upon the servers of an undisclosed Swiss firm, hurling that digital domain into digital blackout for several hours and wreaking an economic turmoil calculated in seven-figure sums.

The entire Incident

It was claimed that three million electric toothbrushes were allegedly used for a distributed denial-of-service (DDoS) attack, first reported by the Aargauer Zeitung, a Swiss German-language daily newspaper. The article claimed that cybercriminals installed malware on the toothbrushes and used them to access a Swiss company's website, causing the site to go offline and causing significant financial loss. However, cybersecurity experts have questioned the veracity of the story, with some describing it as "total bollocks" and others pointing out that smart electric toothbrushes are connected to smartphones and tablets via Bluetooth, making it impossible for them to launch DDoS attacks over the web. Fortinet clarified that the topic of toothbrushes being used for DDoS attacks was presented as an illustration of a given type of attack and that no IoT botnets have been observed targeting toothbrushes or similar embedded devices.

The Tech Dilemma - IOT Hack

Imagine the juxtaposition of this narrative against our common expectations of technology: 'This example, which could have been from a cyber thriller, did indeed occur,' asserted the narratives that wafted through the press and social media. The story radiated outward with urgency, painting the image of IoT devices turned to evil tools of digital unrest. It was disseminated with such velocity that face value became an accepted currency amid news cycles. And yet, skepticism took root in the fertile minds of those who dwell in the domains of cyber guardianship.

Several cyber security and IOT experts, postulated that the information from Fortinet had been contorted by the wrench of misinterpretation. They and their ilk highlighted a critical flaw: smart electric toothbrushes are bound to their smartphone or tablet counterparts by the tethers of Bluetooth, not the internet, stripping them of any innate ability to conduct DDoS or any other type of cyber attack directly.

With this unraveling of an incident fit for our cyber age, we are presented with a sobering reminder of the threat spectrum that burgeons as the tendrils of the Internet of Things (IoT) insinuate themselves into our everyday fabrics. Innocuous devices, previously deemed immune to the internet's shadow, now stand revealed as potential conduits for cyber evil. The layers of impact are profound, touching the private spheres of individuals, the underpinning frameworks of national security, and the sinews that clutch at our economic realities. The viral incident was a misinformation. 

IOT Weakness

IoT devices bear inherent weaknesses for twin reasons: the oft-overlooked element of security and the stark absence of a means to enact those security measures. Ponder this problem Is there a pathway to traverse the security settings of an electric toothbrush? Or to install antivirus measures within the cooling confines of a refrigerator? The answers point to an unsettling simplicity—you cannot.

How to Protect 

Vigilance - What then might be the protocol to safeguard our increasingly digital space? It begins with vigilance, the cornerstone of digital self-defense. Ensure the automatic updating of all IoT devices when they beckon with the promise of a new security patch. 

Self Awareness - Avoid the temptation of public USB charging stations, which, while offering electronic succor to your devices, could also stand as the Trojan horses for digital pathogens. Be attuned to signs of unusual power depletion in your gadgets, for it may well serve as the harbinger of clandestine malware. Navigate the currents of public Wi-Fi with utmost care, as they are as fertile for data interception as they are convenient for your connectivity needs.

Use of Firewall - A firewall can prove stalwart against the predators of the internet interlopers. Your smart appliances, from the banality of a kitchen toaster to the novelty of an internet-enabled toilet, if shielded by this barrier, remain untouched, and by extension, uncompromised. And let us not dismiss this notion with frivolity, for the prospect of a malware-compromised toilet or any such smart device leaves a most distasteful specter.

Limit the use of IOT -  Additionally, and this is conveyed with the gravity warranted by our current digital era, resist the seduction of IoT devices whose utility does not outweigh their inherent risks. A smart television may indeed be vital for the streaming aficionado amongst us, yet can we genuinely assert the need for a connected laundry machine, an iron, or indeed, a toothbrush? Here, prudence is a virtue; exercise it with judicious restraint.

Conclusion 

As we step forward into an era where connectivity has shifted from a mere luxury to an omnipresent standard, we must adopt vigilance and digital hygiene practices with the same fervour as those for our corporal well-being. Let the toothbrush hack not simply be a tale of caution, consigned to the annals of internet folklore, but a fable that imbues us with the recognition of our role in maintaining discipline in a realm where even the most benign objects might be mustered into service by a cyberspace adversary.

References 

• https://www.bleepingcomputer.com/news/security/no-3-million-electric-toothbrushes-were-not-used-in-a-ddos-attack/ 
• https://www.zdnet.com/home-and-office/smart-home/3-million-smart-toothbrushes-were-not-used-in-a-ddos-attack-but-they-could-have-been/
• https://www.securityweek.com/3-million-toothbrushes-abused-for-ddos-attacks-real-or-not/

https://www.cxodigitalpulse.com/hackers-use-electric-toothbrushes-in-massive-cyber-attack-results-in-huge-financial-loss/

A video is being widely shared on social media showing devotees seated in a boat appearing stunned as a massive, multi-hooded snake—resembling the mythical Sheshnag—suddenly emerges from the middle of a water body.

The video captures visible panic and astonishment among the devotees. Social media users are sharing the clip claiming that it is from Vrindavan, with some portraying the sight as a divine or supernatural event. However, research conducted by the Cyber Peace Foundation found the viral claim to be false. Our research  revealed that the video is not authentic and has been generated using artificial intelligence (AI).

‍

Claim

‍

On January 17, 2026, a user shared the viral video on Instagram with the caption suggesting that God had appeared again in the age of Kalyug. The post claims that a terrifying video from Vrindavan has surfaced in which devotees sitting in a boat were shocked to see a massive multi-hooded snake emerge from the water. The caption further states that devotees are hailing the creature as an incarnation of Sheshnag or Vasuki Nag, raising religious slogans and questioning whether the sight represents a divine sign. (The link to the post, its archive link, and screenshots are available.)

• https://www.instagram.com/reel/DTngN9FkoX0/?igsh=MTZvdTN1enI2NnFydA%3D%3D 
• https://archive.ph/UuAqB 

‍

Fact Check:

Upon closely examining the viral video, we suspected that it might be AI-generated. To verify this, the video was scanned using the AI detection tool SIGHTENGINE, which indicated that the visual is 99 per cent AI-generated.

‍

‍

In the next step of the research , the video was analysed using another AI detection tool, HIVE Moderation. According to the results obtained, the video was found to be 62 per cent AI-generated.

‍

‍

Conclusion

‍

Our research  clearly establishes that the viral video claiming to show a multi-hooded snake in Vrindavan is not real. The clip has been created using artificial intelligence and is being falsely shared on social media with religious and sensational claims.

‍

On 22nd October 2024, Jyotiraditya Scindia, Union Minister for Communications, launched the (DoT) Department of Telecoms’ International Incoming Spoofed Calls Prevention System. This was introduced in light of efforts toward preventing international fraudulent calls that enable cyber crimes. A recent report as per PIB claims for the system to have been effective and played a role in a 90% reduction in the number of spoofed international calls, its instances falling from 1.35 Crore to 6 Lakhs within two months of the launch of the system.

International spoof calls are calls that masquerade as numbers originating from within the country when displayed on the target's mobile screen. This is done by manipulating the calling line identity or the CLI, commonly known as the phone number. Previous cases reported mention that such spoof calls have been used for conducting financial scams, impersonating government officials to carry out digital arrests, and inducing panic. Instances of threats of disconnecting numbers by TRAI officials, and narcotics officials on finding drugs or even contraband through couriers are also rampant. 

International Incoming Spoofed Calls Prevention System 

As was addressed in the Budget in 2024, the system was previously called the Centralised International Out Roamer (CIOR), and the DoT was allocated Rs.38.76 crore for the same. The Digital Intelligence Unit (DIU) under the DoT is another project that aims to investigate and research fraudulent use of telecom resources, including messages, scams, and spam - the budget for which has been increased from 50 to 85 crores.

The International Incoming Spoofed Calls Prevention System was implemented in two phases, the first one was at the level of the telephone companies (telcos). Telcos can verify their subscribers and Indian SIMs based on the Indian Telecom Service Providers (TSPs) international long-distance (ILD) network. When a user with an Indian number travels abroad, the roaming feature gets activated, and all calls hit the ILD network of the TSP. This allows the TSP to verify whether the numbers starting with +91 are genuinely making calls from abroad or from India. However, a TSP can only verify numbers that are issued with their TSP ILD network and not those of other TSPs. This issue was addressed in the second phase, as the DIU of DoT and the TSPs built an integrated system so that a centralised database could be used to check for genuine subscribers. 

CyberPeace Outlook

A press release on 23rd December 2024 encouraged the TSPs to label incoming International calls as International calls on the mobile screen of the receiver. Some of them have already started adding labels and are sending awareness messages informing their subscribers of tips on staying safe from scams. Apart from these, there are also applications available online that help in identifying callers and their location, however, these are at the behest of the users' efforts and have moderate trust value. At the level of the public, the practice of blocking unknown international numbers and not calling back, along with awareness regarding country codes is encouraged. Coordinated and updated efforts on the part of the Government and the TSPs are much appreciated in today's time as scammers continue to find new ways to commit cyber crimes using telecommunication resources.

References

1. https://www.hindustantimes.com/india-news/jyotiraditya-scindia-launches-dot-system-to-block-spam-international-calls-101729615441509.html
2. https://www.business-standard.com/india-news/centre-launches-system-to-block-international-spoofed-calls-curb-fraud-124102300449_1.html
3. https://www.opindia.com/2024/12/number-of-spoofed-international-calls-used-in-cyber-crimes-goes-down-by-90-in-2-months/
4. https://www.cnbctv18.com/technology/telecom/telecom-department-anti-spoofed-international-calls-19529459.htm
5. https://pib.gov.in/PressReleaseIframePage.aspx?PRID=2067113
6. https://pib.gov.in/PressReleasePage.aspx?PRID=2087644
7. https://www.hindustantimes.com/india-news/display-international-call-for-calls-from-abroad-to-curb-scams-dot-to-telecos-101735050551449.html 

‍