• Oak View Group co-founder Timothy Leiweke is facing 10 years in prison and a $1 million fine for allegedly reaching a secret backroom deal with the CEO of a competitor to land a sports arena contract for the University of Texas at Austin, authorities said on Wednesday. He has stepped down as CEO of Oak View, the company announced. A spokesperson for Leiweke said the executive has “done nothing wrong and will vigorously defend himself and his reputation for fairness and integrity.”

Timothy Leiweke, co-founder mogul of entertainment venue developer Oak View Group (OVG), is facing a decade in prison following an indictment returned on Wednesday. Leiweke is accused of allegedly conspiring with the CEO of competitor Legends Hospitality to make sure Oak View Group was the only bidder on a project to develop the 15,000-seat, $338 million Moody Center, which hosts the University of Texas’ mens and women’s basketball games and musicians such as Leon Bridges, Willie Nelson, George Strait, and Kali Uchis. 

According to the Department of Justice, Leiweke allegedly told colleagues back in 2017 he wanted to figure out a way to get OVG’s competitor to “back down” in bidding for the arena project. In February 2018, Leiweke allegedly struck a deal in which the competitor CEO at Legends Hospitality agreed to stand down on bidding for the project. In exchange, Leiweke allegedly told the Legends CEO, unnamed by the DOJ, that OVG would give them some of the business through subcontracts. That left OVG as the only bidder for the development contract. 

Officials called the alleged deal “bid rigging” and said it allowed the company to land a highly lucrative contract without an arm’s-length competitive process. The arena opened in 2022, and authorities said OVG continues to receive “significant revenues” from the project to date. OVG has agreed to pay $15 million in penalties while Legends Hospitality will pay $1.5 million, both “in connection with the conduct alleged in the indictment against Leiweke,” DOJ announced. 

The antitrust division charged Leiweke with violating Section 1 of the Sherman Act, which outlaws bid rigging. The maximum penalty is 10 years in prison and a $1 million criminal fine, although it could be increased to twice the gain from the alleged crime or twice the losses suffered by victims if either is greater than the statutory maximum, authorities said. The criminal penalty for a corporation is up to $100 million, according to the Federal Trade Commission. OVG was not charged.

“Timothy Leiweke allegedly led a scheme designed to steer the contract for entertainment services at a public university’s arena to his company. Public contracts are subject to laws requiring an open and competitive bid process to ensure a level playing field,” said assistant director in charge of the FBI’s New York field office Christopher G. Raia in a statement. “The FBI is determined to ensure that those who disregard fair competition principles do not benefit from a rigged bidding process targeting our communities and public institutions.”

On Wednesday, OVG announced Leiweke would relinquish the CEO role and transition into a vice chairman role on the board. The company is the largest developer of sports and live entertainment venues worldwide and was founded in 2015 by Leiweke and Irving Azoff. The latter is former CEO of Ticketmaster Entertainment and executive chairman of Live Nation Entertainment. OVG has 30,000 employees across hundreds of venues and has committed more than $5 billion to developing new arenas in the next three years. 

A spokesperson for Leiweke said the veteran exec had “done nothing wrong and will vigorously defend himself and his well-deserved reputation for fairness and integrity.”

“The Antitrust Division’s allegations are wrong on the law and the facts, and the case should never have been brought,” Leiweke’s spokesperson said. “The law is clear: vertical, complementary business partnerships, like the one contemplated between OVG and Legends, are legal. These allegations blatantly ignore established legal precedent and seek to criminalize common teaming efforts that are proven to enhance competition and benefit the public.”

In another statement, Leiweke said he was pleased the company resolved the DOJ’s inquiry without any charges or admission of wrongdoing. 

“[T]he last thing I want to do is distract from the accomplishments of the team or draw focus away from executing for our partners, so the Board and I decided that now is the right time to implement the succession plan that was already underway and transition out of the CEO role,” Leiweke said. “ In my new role as Vice Chairman of the Board and as an OVG shareholder, I remain as committed as ever to the long-term success of the company, and I know OVG, our valued partners and our customers are in great hands with Chris and the rest of our stellar leaders.”

Oak View Group said in a statement it cooperated fully with the DOJ’s inquiry and is pleased the matter has been resolved with no charges against OVG.  

“We support all efforts to ensure a fair and competitive environment in our industry and are committed to upholding industry-leading compliance and disclosure practices,” OVG’s stated.

Legends did not immediately respond to a request for comment.

This story was originally featured on Fortune.com

© Photo by Gary Miller/Getty Images

• Microsoft Threat Intelligence announced it wiped thousands of accounts created by North Korean IT workers as part of its moves to stymie the global fraud scheme. The IT worker conspiracy has infiltrated hundreds of Fortune 500 companies in recent years and law enforcement has partnered with cybersecurity experts to help identify and eliminate the threat. 

Microsoft has come out swinging against the elaborate North Korean IT worker conspiracy, suspending 3,000 known Outlook and Hotmail accounts created by the workers as part of its sweeping moves to disrupt the operation. 

The $3.7 trillion tech giant’s Threat Intelligence arm, which refers to the IT worker scheme as “Jasper Sleet,” detailed its efforts to hunt down scammers in a lengthy post this week. The Department of Justice also announced a coordinated takedown in the IT worker scheme, seizing hundreds of laptops, 29 financial accounts, and shutting down nearly two dozen websites. Law enforcement also searched 29 “laptop farms” across the U.S. The laptop farms are sites where accomplices—including Americans—agree to take care of laptops shipped by companies that have unwittingly hired North Koreans for remote jobs. They install software so that the IT workers can log in from overseas or they ship the laptops to other locations, including Russia and China. 

Some Americans have also rented their identities for the IT workers to use in applying for jobs. A nail salon employee in Maryland will be sentenced in August after he was found to be holding 13 jobs remotely that were handled by North Korean IT workers located in China. His 13 jobs paid nearly $1 million. 

The North Korean IT worker scheme is a global conspiracy in which trained workers from the Democratic People’s Republic of Korea (DPRK) are sent around the world to get jobs in tech using fabricated or stolen identities. The workers are legitimate; Microsoft noted some companies that have been victims of the scheme reported that the remote IT workers “were some of their most talented employees.” 

The scheme generates up to $600 million a year, according to UN estimates, and the IT workers share information with more malicious cyber attackers that have stolen billions in crypto. The revenue generated by the scheme and the illicitly heisted crypto are used to fund DPRK authoritarian ruler Kim Jong Un’s nuclear weapons program, according to the FBI and the DOJ. 

According to Microsoft, the workers are increasingly improving their tactics through the use of AI—eliminating grammatical errors, polishing up photos, and experimenting with voice-changing software.

Jasper Sleet is constantly changing and evolving their profiles across a wide variety of consumer email accounts, senior director of Microsoft Threat Intelligence Center Jeremy Dallman told Fortune in a statement.

“Beyond the 3,000 consumer email accounts that were recently taken down, in our efforts to disrupt the actor activity and protect our customers from this threat, Microsoft has continued to takedown persona accounts as they are identified and track the actor’s use of AI,” said Dallman.

At this point, Microsoft hasn’t seen the IT workers using combined AI voice and video just yet, the company said in its warning.

“We do recognize that combining these technologies could allow future threat actor campaigns to trick interviewers into thinking they aren’t communicating with a North Korean IT worker,” Microsoft warned. “If successful, this tactic could allow the North Korean IT workers to do interviews directly and no longer rely on facilitators standing in for them on interviews or selling them account access.”

The IT workers often use the same names and email addresses over and over in crafting their fake personas, using fraudulent profiles on job-networking sites and open-source coding platforms. Microsoft reported the IT workers have also started using AI tools like Faceswap to “move their pictures over to the stolen employment and identity documents” and to generally spruce up their profile pics. 

Beyond the account suspensions, Microsoft said it has launched an array of methods to detect IT worker activity through ID protection and other tools. The company has also developed a custom machine-learning solution that uses “impossible time travel risk detections, most commonly between a Western nation and China or Russia” to identify suspect accounts. 

This story was originally featured on Fortune.com

© Photo by Stephen Brashear/Getty Images