Cyber Threat Actor: Mr.Slyman
| Actor Type | Location | Known Incidents |
Activist
|
Saudi Arabia
|
1 incident |
|---|
Profile
Mr.Slyman is a threat actor known by that alias and is associated with Saudi Arabia based on publicly available information. The actor has been linked to a single documented incident in which a Saudi state television website was compromised. This incident represents the only publicly reported activity attributed to Mr.Slyman in the available sources.
On 15 August 2014 the website of Alikhbaria, the Saudi state TV broadcaster, was defaced by individuals identifying themselves as “SYRIAN CYBER.” The defacement displayed anti‑government messages and imagery, most notably a modified photograph of King Abdullah that had been crossed out in red. The attackers stated that the breach was intended as an act of solidarity with political prisoners held within the kingdom and that they used the incident to broadcast their dissent. The alteration of the site’s content disrupted normal broadcasting operations and served as a public demonstration of opposition to Saudi authorities.
The claimed motivation—expressing solidarity with detained individuals and conveying a political message—provides insight into the strategic objective behind the operation. By targeting a high‑profile state media outlet, the actors sought to amplify their viewpoint and challenge the official narrative. The disruption of the website’s normal function underscored the intent to draw attention to their cause through a visible cyber act.
This defacement of Alikhbaria stands as the representative operation publicly associated with Mr.Slyman. No additional campaigns, malware families, initial access vectors, tooling details, affiliations, or broader targeting patterns are described in the supplied material, so the profile remains confined to the verified facts outlined above.
