Posted March 3Mar 3 Transfer Protocal (FTP) link for the exploit's base code as well as a portion of the code. On May 02, 2004, GEMBE contacted Reynolds once again via email. In the e-mail, GEMBE stated that he is "currently auditing" Valve's network. Specifically, GEMBE stated "i think i sent you the lsass exploit early, so i comprehended not patching an invitation :)." Basically, GEMBE used the lsass exploit to once again hack into Valve's network without their permission. GEMBE further requested to be allowed to remain in the Valve systems and stated "ill let noone log the passwords this time :)," referring to his previous compromises of the Valve Software network. Valve informed Seattle Division, they never consented to allow GEMBE into their network and informed him that he should never do this without talking to them or without their permission. In the past, Valve has told GEMBE he did not have permission to initiate any type of penetration testing of their network. During the time GEMBE had access to the network, Valve experienced a degredation in network performance and some of the services they were running. At this point, Valve was unable to say whether or not GEMBE's actions resulted in the degredation. Reynolds informed Seattle Division he was very concerned by GEMBE's aggressive nature and for the safety of the Valve network. Reynolds was aware of the Trojans and a self-compiled version of the SSX client, Putty, installed by GEMBE during the intrusion. The modified version of Putty was logging information from Valve and sending it outside of their network. Valve Software stated they were taking steps to secure the holes found and exploited by GEMBE. GEMBE is still pursuing his interest of working for Valve and stated he only hacked Valve's network because he was "bored" and waiting for them to respond concerning a job opportunity. GEMBE has been very persistent in his pursuit of employment at Valve. Although he is twenty-one years of age, GEMBE has repeatedly shown an aggressive nature in dealing with Valve and has demonstrated a high-degree of technical knowledge and skill. GEMBE has also been manipulative and coercive with Valve concerning his role in multiple intrusions into their network and has displayed a determination to continue his behavior. GEMBE appears to be a major player in the authoring of the lsass exploit and well as one of the leaders of the "AGOBOT" development group, responsible for the development and distribution of various bots and the launching of multiple Distributed Denial of Service attacks. GEMBE has also shown an enterprising nature by receiving payments for the writing of exploits. As a result, Seattle believes this clearly demonstrates GEMBE should be held accountable for his behavior and considered an adult by German authorities. Seattle Division will continue to support the German investigation, arrest, and prosecution of GEMBE to the fullest extent and in a manner most timely.
