UK hacker Al-Tahery Al-Mashriky, tied to Yemen Cyber Army, gets 20 months in prison for website defacements and stolen data possession.
Al-Tahery Al-Mashriky (26), a man from South Yorkshire, linked to the Yemen Cyber Army, has been sentenced to 20 months in prison for hacking and defacing websites in hacktivist campaigns. The UK’s National Crime Agency (NCA) said he also possessed stolen user data. Law enforcement discovered the personal data and credentials of millions of people stored on Al-Mashriky’s laptop.
His actions, tied to politically motivated cyberattacks, highlight ongoing threats from hacktivist groups operating across borders.
NCA arrested Al-Tahery Al-Mashriky arrested in August 2022 after U.S. intelligence linked him to extremist hacker groups Spider Team and Yemen Cyber Army. NCA investigators tied him to the group via social media and emails, while forensic analysis revealed he had hacked multiple sites, including Yemen’s Ministries of Foreign Affairs and Security Media, as well as an Israeli news outlet.
The Yemen Cyber Army (YCA) is a hacktivist group that has been active since 2015, declaring support for the Houthi movement in Yemen’s conflict. It gained attention for defacing websites and leaking data, often targeting government agencies, media outlets, and organizations in Saudi Arabia and its allies. Its operations are primarily propaganda-driven, aiming to spread political messages rather than financial gain. While some researchers believe the group has ties to Iran-backed actors, the extent of this connection remains uncertain.
Al-Mashriky claimed on a hacking forum that he had hacked 3,000 websites over a three-month period in 2022.
“His offending centred around gaining unauthorised access to the websites, then creating hidden webpages containing his online monikers and messaging that furthered his religious and political ideology.” reads the statement published by NCA.
“He would often target websites with low security, gaining kudos in the hacking community for the sheer number of infiltrations. Using one of his many online aliases, Al-Mashriky claimed on one cybercrime forum that he had hacked in to over 3,000 websites during a three month period in 2022.”
On 17 March, the man pleaded guilty to nine offences and was sentenced to 20 months’ imprisonment at the same court on 15 August.
“Al-Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the ‘Yemen Cyber Army’.” Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said.
“He had also stolen personal data that could have enabled him to target and defraud millions of people.”
“Cybercrime can often appear faceless, with the belief that perpetrators hide in the shadows and can avoid detection. However, as this investigation shows, the NCA has the technical capability to pursue and identify offenders like Al-Mashriky and bring them to justice.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Yemen Cyber Army)