A 26-year-old cybercriminal from Rotherham has been sentenced to 20 months imprisonment for conducting a widespread hacking campaign that compromised millions of user credentials across multiple countries.
Al-Tahery Al-Mashriky pleaded guilty to nine offenses under the Computer Misuse Act at Sheffield Crown Court, following his arrest by National Crime Agency (NCA) specialists in August 2022.
Forensic analysis of Al-Mashriky’s seized devices uncovered the accurate scale of his cybercriminal activities.
NCA Digital Forensic Officers discovered he possessed personal data for over 4 million Facebook users, alongside comprehensive collections of usernames and passwords for major platforms, including Netflix and PayPal.
The investigation revealed sophisticated attack methodologies, including the deployment of automated scanning tools to identify system vulnerabilities and harvest administrative credentials.
Al-Mashriky’s connection to the extremist hacker groups “Spider Team” and “Yemen Cyber Army” was established through social media forensics and email account analysis.
His laptop contained evidence of systematic website infiltrations, with the defendant claiming on cybercrime forums to have compromised over 3,000 websites during three months in 2022.
His attack pattern focused on exploiting low-security targets to maximize intrusion volume and gain recognition within hacking communities.
Multi-Target Attack Campaign
The investigation revealed Al-Mashriky employed a consistent attack methodology across diverse targets. After gaining unauthorized access, he would establish persistent backdoors through hidden webpages containing his online aliases and ideological messaging.
His targets included high-profile government and media organizations: the Yemen Ministry of Foreign Affairs, the Yemen Ministry of Security Media, and Israeli Live News, where he accessed administrative panels and exfiltrated complete website databases.
His campaign extended across North America, targeting faith-based websites in Canada and the United States, as well as critical infrastructure, including the California State Water Board website.
The attacks caused significant operational disruption, with victim organizations reporting substantial recovery costs and prolonged service interruptions.
The technical evidence demonstrated Al-Mashriky’s use of vulnerability scanners and credential harvesting tools, enabling him to compromise target systems systematically.
His possession of millions of user credentials posed severe risks for identity theft and financial fraud, representing potential damages far exceeding the immediate website defacements.
Deputy Director Paul Foster of the NCA’s National Cyber Crime Unit emphasized the investigation’s significance: “Al-Mashriky’s attacks crippled the websites targeted, causing significant disruption to their users and the organisations, just so that he could push the political and ideological views of the ‘Yemen Cyber Army’.”
The case demonstrates advanced digital forensics capabilities in tracking cybercriminals who believe anonymity protects from prosecution, marking a significant victory for international cybercrime enforcement cooperation.
Find this Story Interesting! Follow us on Google News , LinkedIn and X to Get More Instant Updates
Click Here For The Original Source.
