UK Hacker Linked to Yemen Cyber Army Sentenced to 20 Months for Website Defacements and Data Theft

TL;DR

• Al-Tahery Al-Mashriky, a 26-year-old UK hacker linked to the Yemen Cyber Army (YCA), has been sentenced to 20 months in prison for hacking, defacing websites, and possessing stolen user data.
• The Yemen Cyber Army, a hacktivist group active since 2015, targets government agencies and media outlets to promote political and ideological agendas.
• The case highlights the growing threat of hacktivism and the global reach of cybercrime, emphasizing the need for robust cybersecurity measures.

---

UK Hacker Linked to Yemen Cyber Army Sentenced to 20 Months in Prison

Introduction

A 26-year-old hacker from South Yorkshire, UK, Al-Tahery Al-Mashriky, has been sentenced to 20 months in prison for his involvement in hacking, website defacements, and possessing stolen data. The UK’s National Crime Agency (NCA) confirmed that Al-Mashriky was associated with the Yemen Cyber Army (YCA), a hacktivist group known for its politically motivated cyberattacks.

This case underscores the escalating threat of hacktivism and the global impact of cybercrime, as hackers exploit vulnerabilities to push ideological agendas.

---

The Arrest and Investigation

Link to Extremist Hacker Groups

Al-Mashriky was arrested in August 2022 after U.S. intelligence linked him to extremist hacker groups, including the Spider Team and the Yemen Cyber Army. Investigators from the NCA traced his connections to these groups through social media activity and email communications.

Forensic Evidence

A forensic analysis of Al-Mashriky’s devices revealed evidence of multiple hacking incidents, including:

• Defacing websites belonging to Yemen’s Ministries of Foreign Affairs and Security Media.
• Targeting an Israeli news outlet.
• Storing stolen personal data and credentials of millions of individuals on his laptop.

According to the NCA, Al-Mashriky exploited low-security websites to gain unauthorized access, often leaving hidden webpages containing his online monikers and ideological messages¹.

---

The Yemen Cyber Army: Motives and Operations

Background of the Yemen Cyber Army

The Yemen Cyber Army (YCA) emerged in 2015 and has since been active in hacktivist campaigns. The group publicly supports the Houthi movement in Yemen’s ongoing conflict and primarily targets:

• Government agencies in Saudi Arabia and its allies.
• Media outlets perceived as opposing its ideology.
• Organizations linked to opposing political factions.

Modus Operandi

The YCA’s operations are propaganda-driven, focusing on:

• Website defacements to spread political messages.
• Data leaks to expose sensitive information.
• Disrupting online services to create chaos and draw attention to their cause.

While some cybersecurity researchers suggest potential ties to Iran-backed actors, the extent of these connections remains unverified².

---

Al-Mashriky’s Claims and Sentencing

Boastful Admissions

Al-Mashriky publicly claimed on a hacking forum that he had hacked over 3,000 websites in just three months during 2022. His actions were driven by a desire to gain recognition in the hacking community and promote his political and religious ideology.

Legal Consequences

On 17 March 2025, Al-Mashriky pleaded guilty to nine offenses, including:

• Unauthorized access to computer systems.
• Defacing websites.
• Possession of stolen data.

He was sentenced to 20 months in prison on 15 August 2025 at a UK court.

---

Statements from Law Enforcement

NCA’s Response

Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, stated:

“Al-Mashriky’s attacks caused significant disruption to organizations and their users, all to push the political and ideological views of the Yemen Cyber Army. He also stole personal data that could have been used to target and defraud millions of people.”

Foster emphasized that cybercrime is not faceless and that law enforcement agencies have the technical capabilities to identify and prosecute offenders¹.

---

Broader Implications for Cybersecurity

The Rise of Hacktivism

This case highlights the growing threat of hacktivism, where ideologically motivated hackers exploit cyber vulnerabilities to:

• Disrupt operations.
• Spread propaganda.
• Expose sensitive data.

Lessons for Organizations

Organizations must:

• Strengthen cybersecurity defenses to prevent unauthorized access.
• Monitor for suspicious activity to detect breaches early.
• Educate employees on recognizing and mitigating cyber threats.

The Role of International Cooperation

The collaboration between UK and U.S. intelligence in this case demonstrates the importance of global cooperation in combating cybercrime. As hackers operate across borders, shared intelligence and joint investigations are critical to bringing offenders to justice.

---

Conclusion

The sentencing of Al-Tahery Al-Mashriky serves as a warning to hacktivists and cybercriminals worldwide. While hacktivism may be driven by political or ideological motives, the legal consequences remain severe.

This case also reinforces the need for robust cybersecurity measures to protect against website defacements, data breaches, and ideological cyberattacks. As cyber threats continue to evolve, international collaboration and proactive defense strategies will be essential in safeguarding digital infrastructure.

---

References

1. National Crime Agency (NCA) (2025). “Serial hacker who defaced official websites is sentenced”. Retrieved 2025-08-20. ↩︎ ↩︎²

2. Paganini, Pierluigi (2025). “A hacker tied to Yemen Cyber Army gets 20 months in prison”. Security Affairs. Retrieved 2025-08-20. ↩︎