These risk actors were then in the position to steal AWS session tokens, the short term keys that allow you to ask for temporary qualifications for your employer??s AWS account. By hijacking active tokens, the attackers ended up capable of bypass MFA controls and attain entry to Harmless Wallet