These threat actors had been then in the position to steal AWS session tokens, the temporary keys that let you ask for non permanent credentials in your employer??s AWS account. By hijacking Energetic tokens, the attackers were being able to bypass MFA controls and obtain use of Harmless Wallet