Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo AXT

Group: Dragonforce

Discovered by ransomware.live: 2025-06-20

Estimated attack date: 2025-06-16

Country: US

Description:

AXT, Inc. designs, develops, manufactures, and distributes compound and single element semiconductor substrates. The company offers indium phosphide for use in data center connectivity using light/lasers, high-speed data transfer in data centers, 5G communications, fiber optic lasers and detectors, consumer devices, passive optical networks, silicon photonics, photonic integrated circuits, thermo-photovoltaics, RF amplifier and switching, infrared light-emitting diode (LEDS) motion control, lidar for robotics and autonomous vehicles, and infrared thermal imaging. It also provides semi-insulating gallium arsenide (GaAs) substrates for use in Wi-Fi and IoT devices, transistors, direct broadcast television, power amplifiers, satellite communications, and solar cells; and semi-conducting GaAs substrates that are used in LEDs, screen displays using micro-LEDs, printer head lasers and LEDs, 3-D sensing using VCSELs, data center communication using VCSELs, sensors for industrial robotics/near


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mxb-00720801.gslb.pphosted.com.
  • mxa-00720801.gslb.pphosted.com.
TXT Records
  • atlassian-domain-verification=lBqNDnIHK907mZa0HnCuVJGegr6bU/c2y6RjDk6VkeCFIEe0Tx2z4yh/72T8P9LF
  • docusign=19a512d4-e8b4-43c4-a67f-97a251cdd910
  • google-gws-recovery-domain-verification=40067075
  • google-site-verification=J3W5TRUqYKua3v353jOPJ9ddc8nmYM2VNEg_pV1t6V0
  • pardot73612=ca074a26a2bac75757c992cccebb095414003538716645fcdea99283f864c835
  • t550jioq2bluepq7nd4occto9t
  • v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
  • ZOOM_verify_V13vZCkPRVirOUXkinA-DQ
  • atlassian-domain-verification=PvGHSJNrG/vpQr3zCanclU/HazwAnpgwhb27EDSx1FmiIwzPXkAXzbUpz9OuFVba
Cloud / SaaS Services Detected
Atlassian Salesforce DocuSign Proofpoint Zoom

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.