Over the past year, the same kind of story kept surfacing in the Indian news and then vanishing: a woman whose photograph had been turned, without her consent, into a sexual image by tools powered by artificial intelligence or AI. Grok was being used to strip the clothes off women who had posted ordinary pictures. Bollywood actresses’ deepfakes were going viral. They were all reported as their own small scandal, about one app or one bad actor, and forgotten within a news cycle.
Then, in August 2025, came the news of the arrest of a man in Assam who had built a fake AI persona using his ex-girlfriend’s photo. The coverage stopped there.
Online gender harm was not new, and neither was photo-morphing; women's images had been doctored and passed around for years. What I wanted to understand was how that familiar harm changes when the technology behind it is driven by AI: faster, cheaper, and far harder to tell apart from the real thing. And, who is accountable for it?

As a nonprofit journalism organization, we depend on your support to fund more than 170 reporting projects every year on critical global and local issues. Donate any amount today to become a Pulitzer Center Champion and receive exclusive benefits!
The man, in any case, was a customer. Who builds these tools? Who hosts them? Who gets paid? Those were the questions on my mind, and that economy was the story I wanted to report.
An investigation like this has two halves that do not look alike. One you can report by talking to people, travelling, reading court records. The other is inside the software: which app connects to which server, who gets paid when someone taps a button, what data leaves your phone. You cannot see that part without technical skills. So I brought in Tarunima Prabhakar, of Tattle, a tech-and-policy research organization, to do that work.
I would follow the money and the people. Tattle would map the machine.
What we found
The most important thing the reporting revealed was structural. This is not a scatter of rogue apps. It is a single supply chain, and it does not end with one arrest or one platform takedown.
Behind dozens of separate-looking Telegram bots and websites sat a small number of shared backends doing the actual work, with money changing hands at every link: a subscription platform taking its cut, payment agents converting rupees into credits, app stores processing the transactions.
The models that generate the content are largely Chinese, the platforms that host and distribute them largely American, the faces overwhelmingly of South Asian women who never consented. No single company owns the harm, which is exactly why it survives.
We could reveal that arresting one creator, or taking down one account, leaves the machinery untouched.
How the reporting began
The first decisions were about safety.
This reporting required entering spaces built to harm, and leaving as little of yourself behind as possible. Both the Tattle team and I bought new SIM cards and factory-reset spare phones to use as dedicated investigation devices.
Before joining a single channel, we sat with a cybersecurity expert who walked us through how to move through these networks without exposing our identities, our locations, or our personal accounts. That session produced a working protocol we followed throughout, which we are sharing for other journalists who want to do this kind of work. The phone you use to map a nudify network should never be the phone that knows your name.
Meanwhile, I filed about a dozen Right to Information requests to bodies including the Indian Cyber Crime Coordination Centre, the National Crime Records Bureau and the Ministry of Electronics and Information Technology, asking how many complaints of AI-generated intimate imagery they had on record. The answers came back almost identical: no information available.
Near the start of the project I spoke to a 16-year-old content creator in Karnataka whose own Instagram reels had been seeded with AI-generated nudes of her. Through organizations working on online gender safety, I also found a woman who had been blackmailed through a loan app that had harvested her photograph and ID.
For the Assam case, I worked with a reporter on the ground and travelled to Tinsukia. I wanted to understand everything about the man who had been accused, which meant days of calls and visits to the police.
The court records were supposed to be digitized, but in a small, under-resourced court the trail went cold after a single line noting that bail had been rejected. There was no chargesheet and no bail order we could find anywhere. Once we had met the investigating officers and understood the case, we filed an appeal in the court to access the documents. I had braced for a long fight. We had them in two days.
With help from locals, we reached Tinsukia, where the accused lived, and found his father's grocery shop. Talking to him was one of the most challenging conversations of the reporting. This was not a victim I could offer comfort to. This was an elderly man who could not reconcile the studious son he knew with what he was told that son had done, and who insisted the boy had been framed.
We told him that we are journalists and wanted to talk about his son's case. He said he did not want to. We stayed, and he kept talking anyway: about his son, the family, his grief. At one point he said I had come all the way from Delhi only to cause him pain, so we dropped it and talked about the elections instead. He did not want to be questioned so much as listened to. So we stopped steering, and let him lead.
Inside the bots
Much of my own reporting happened inside Telegram. I joined bots and channels that advertised a video made from a single face in about 60 seconds, and each one I entered pointed me to several more.
Over a few weeks, I logged more than 30 bots and found that at least a dozen of them ran on the same backend. The bots were only the front doors. The actual video-making happened on one shared service that all of them plugged into, through what is called an API (application programming interface): the standard way one piece of software connects to another and asks it to do a job. Different storefronts, one engine behind them.
It was the first concrete sign that these bots were not independent operations but front-ends for the same machine.
The economics were visible in how users paid. Credits were sold in bulk packages, with referral commissions for bringing in new buyers and, most telling for India, a recruitment pipeline for local payment agents who take rupees through UPI (unified payments interface), which is an instant phone-to-phone system most of the country pays with, and convert them into credits for a margin.
I contacted two such agents, each wired into several bots at once, and traced two of their payment addresses back to accounts at major Indian banks, despite UPI's own rules barring transactions for obscene material.
Mapping the machine
The technical investigation, led by Tarunima and the Tattle team, started with a practical problem: There were too many places to look. So they began with a list of keywords and used them as doorways into search engines, Telegram, Reddit, Discord, the app stores, and the sites where AI models are shared and downloaded, such as Hugging Face, CivitAI and GitHub. Where a keyword turned up nothing, they moved on. Where it led somewhere, they followed the platform's own recommendations to find more of the same.

The websites gave up the most. The team looked at who registered each site, where it was hosted and what software ran it, and the same name kept appearing: Cloudflare, a service that makes a site load faster and, as a side effect, hides where its server actually sits and who is running it.
Apps that could generate nudes were pulled apart to see what their code did and what data they collected. Ads were traced through Meta's public ad library. The model-sharing sites were checked manually, because the most-used models rarely turned up under obvious search terms and surfaced only by looking at what was trending.
All of it pointed the same way: many storefronts, one shared engine.
The hardest part
The hardest part of this project was holding the technical findings and the human ones together.
I did not want a story that only people who already understand how these AI tools work could read. I wanted the 16-year-old who had trusted me with her story to read it and understand exactly what had been done to her, and by whom.
Building the findings into visuals helped. Working with a visual designer, we turned the supply chain into an infrastructure diagram that lets a reader see the whole system at once, from the apps and bots at the surface down to the models and the datasets they are trained on, with the core infrastructure that holds it all up running across the top.
We thought about this carefully, because a clear map of how the system fits together can easily turn into instructions for using it. So we drew a line between naming and enabling. The diagram names the kinds of players and how they connect, because you cannot hold anyone accountable without naming them. But it leaves out the working entry points: the bot links, the invite codes, the address of the service that does the actual generating, the steps that turn an ordinary AI model into one built for this. It shows the shape of the system without handing anyone the keys to it.
We named the payment handles and the app where we found the worst material, only after reporting them to the authorities, as evidence rather than a route in.

The idea that the harm is layered and centralized becomes something a reader can simply look at.
What is next
We started conducting roundtable discussions with researchers, lawyers and technologists, and planning for a policy document to send to the authorities and the platforms named in the reporting.
There is also a thread I have not finished pulling: through this project I kept finding AI-generated "creators" with millions of followers, regular reels and subscription links, and friends now message me every few days asking whether a profile is a real person. More often than not, I cannot tell. That is a thread I would like to follow.
My key takeaways
The biggest limitation was breadth against depth. To finish at all, we set aside platforms and leads we could not chase, and our "nothing found" results mean only "not found in the time we had," not that nothing is there. With more time, the payment-agent networks and the cloud backends, where this economy is most exposed, would have been worth mapping much further.
We also learned far more about who builds and sells these tools than about who buys them. The demand side, the loan-app operators who blackmail women with generated nudes and the troll networks that flood teenagers' feeds, is a story we have only started.
We could trace operators to a first layer; reaching the people behind them, across borders, was rarely possible. That is built into the system, not into our method, and it is the reason an arrest changes so little while the market goes on finding other faces.
Three lessons I am taking from this reporting
The person who gets arrested is rarely the system. One man made deepfakes of a woman; he bought every tool he used off the shelf, for a few thousand rupees. Removing him left the machine running. The reporting that lasts is a layer down, in the payment rails, the hosts and the model platforms that outlive any single arrest.
When the government has no number, that is the finding. Our Right to Information requests came back empty, because no one is counting this harm. An absence in the data can be evidence in itself.
Keep the person in front of the technology. It is easy to disappear into models and servers and forget why you started. The reason was the 16-year-old whose reels were hijacked, the woman blackmailed through a loan app, the homemaker whose face was sold for years. The technology is only the method. They are the story.