Extremist hacker who defaced websites and stole data imprisoned

Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology

A Rotherham man who hacked and defaced a number of websites, and stole the login credentials of over four million individuals, has been jailed for 20 months at Sheffield Crown Court, after pleading guilty earlier this year to nine offences under the Computer Misuse Act of 1990.

Al-Tahery Al-Mashriky, aged 26, was arrested in August 2022 by the National Crime Agency, which was acting on a tip-off from the US authorities regarding the activities of two extremist hacking collectives known as Spider Team and Yemen Cyber Army.

Investigators linked Al-Mashriky to the Yemen Cyber Army through his social media and email accounts after seizing and analysing a laptop and several mobile devices.

The digital evidence revealed Al-Mashriky infiltrated a number of websites where he injected hidden webpages that contained his various online monikers and political ideology.

“Al-Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the Yemen Cyber Army,” said Paul Foster, deputy director and head of the NCA National Cyber Crime Unit.

The court heard how, in February 2022, Al-Mashriky attacked the website of media outlet Israeli Live News, where he accessed admin pages and downloaded the entire website, as well as Yemen’s Ministry of Foreign Affairs and Ministry of Security Media, where he deployed tools to scan for usernames and vulnerabilities.

He also targeted a number of faith-based websites in Canada and the US, as well as the California State Water Board.

Cyber crime forums

However, the scale of Al-Mashriky’s offending did not stop there. The NCA revealed he may have hacked over 3,000 websites in total in 2022, and took to bragging of his exploits on underground cyber crime forums, where he gained a certain amount of kudos from his peers.

The NCA’s forensic investigators found Al-Mashriky was in possession of the personal data of over four million Facebook users, and had obtained documents containing usernames and login credentials for other online services, including Netflix and PayPal. The NCA said this data could have been used to commission further acts of cyber crime and digital fraud.

“He had also stolen personal data that could have enabled him to target and defraud millions of people,” said Foster.

“Cyber crime can often appear faceless, with the belief that perpetrators hide in the shadows and can avoid detection. However, as this investigation shows, the NCA has the technical capability to pursue and identify offenders like Al-Mashriky and bring them to justice.”

Yemen Cyber Army

The Yemen Cyber Army is a somewhat mysterious group that first emerged in the mid-2010s with a series of cyber attacks and threats against Saudi Arabian targets. It may have been the source of a 2015 leak of half a million Saudi Foreign Ministry cables by WikiLeaks, although this is disputed.

Over the years, the group’s objectives have appeared to align largely with the Islamist Houthi insurgency, which is backed by the Iranian government in Tehran.

However, owing both to the devastation wrought by the Yemeni Civil War, and analysis of malware samples linked to the Yemen Cyber Army, it is thought unlikely that the group has many, if any, actual members located in Yemen itself. Most security authorities believe the group is most likely a front for Iran’s state-backed cyber activities.
