A pro-Houthi cybercriminal who hacked thousands of websites from his home in the UK has been jailed for 20 months.
Al Tahery Al Mashriky, 26, was arrested by the National Crime Agency after it was tipped off by US law enforcement investigating extremist hacker group the Yemen Cyber Army.
NCA investigators were able to link Al Mashriky to the group through social media and email accounts.
The Yemen Cyber Army emerged around 2015 with a series of attacks against Saudi Arabian targets and is aligned with Houthi rebels in Yemen. It is also suspected of being a front for Iran-backed hacking activities.
Al Mashriky, from Rotherham, South Yorkshire, hacked into websites including the Yemen Ministry of Foreign Affairs, the Yemen Ministry of Security Media and Israeli Live News, analysis of his laptop and several mobile phones revealed.
After gaining access to the sites he created web pages containing his online monikers and messaging to promote his religious and political ideology.
Using one of his many online aliases, Al Mashriky claimed on one cybercrime forum that he had hacked in to more than 3,000 websites during a three-month period in 2022, the NCA has revealed.
He was in possession of personal data for more than four million Facebook users and several documents containing usernames and passwords for services such as Netflix and PayPal, which could be used for further acts of cybercrime.
NCA deputy director Paul Foster, head of the agency’s National Cyber Crime Unit, said: “Al Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the Yemen Cyber Army.
“He had also stolen personal data that could have enabled him to target and defraud millions of people.
Al Mashriky was arrested in August 2022 and had been due to stand trial at Sheffield Crown Court in March this year for 10 offences under the Computer Misuse Act but pleaded guilty instead. He has now been jailed at the same court for 20 months.
He was also found to have targeted faith websites in Canada and the US, as well as the website for the California State Water Board. Hacking victims revealed the significant cost and inconvenience caused by his activities.
“Cybercrime can often appear faceless, with the belief that perpetrators hide in the shadows and can avoid detection,” said Mr Foster.
“However, as this investigation shows, the NCA has the technical capability to pursue and identify offenders like Al Mashriky and bring them to justice.”
An account on X bearing the group's name lists its activities, including hacking the University of Bristol earlier this year.
The account also reposts the messages of 313 Team, an Iran-aligned group which took credit for hacking US President Donald Trump’s Truth Social platform within hours of US strikes on Iranian nuclear facilities.
Houthi-aligned hackers were last year blamed for cyber attacks on military personnel from Middle Eastern countries.
