A 26-year old in the UK who claimed to have hacked thousands of websites was sentenced to 20 months in prison after pleading guilty earlier this year.
Al-Tahery Al-Mashriky of Rotherham, UK, was arrested in 2022 based on information received from U.S. law enforcement and charged for stealing log in details of millions of Facebook users, and hacking websites belonging to the government in Yemen, an Israeli news outlet, and organizations in the U.S. and Canada.
Al-Mashriky pleaded guilty to the charges this year on March 17. He was linked to extremist groups such as ‘Spider Team’ and ‘Yemen Cyber Army’
According to authorities in the U.K., Mashriky claimed on a forum to have hacked more than 3,000 websites. However, the figure was not verified by the investigation.
Analyzed forensic evidence has shown that Al-Mashriky has:
- Infiltrated the website of the Yemen Ministry of Foreign Affairs and the Yemen Ministry of Security Media
- Deployed tools on Yemeni government websites to scan for usernames and vulnerabilities
- Hacked into Israeli Live News, accessing admin pages, and downloaded the entire site
- Targeted faith websites in Canada and the U.S.
- Targeted the California State Water Board website
- Possessed stolen personal data for more than 4 million Facebook users
- Held stolen usernames and passwords for services such as Netflix and PayPal
In many cases, the hacker defaced the targeted sites to post political or religious messages.
“Al-Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the ‘Yemen Cyber Army’,” stated Paul Foster, NCA’s head of National Cyber Crime Unit.
“He had also stolen personal data that could have enabled him to target and defraud millions of people.”
Al-Mashriky was due to stand trial for ten offenses under the Computer Misuse Act in March, but he eventually plead guilty to nine, resulting in a sentence of 20 months from Sheffield Crown Court.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.