These threat actors were being then capable to steal AWS session tokens, the short-term keys that let you ask for short term qualifications on your employer??s AWS account. By hijacking active tokens, the attackers ended up capable of bypass MFA controls and obtain usage of Risk-free Wallet ??s