These risk actors had been then capable of steal AWS session tokens, the short term keys that let you request short term credentials in your employer??s AWS account. By hijacking active tokens, the attackers had been in a position to bypass MFA controls and acquire access to Safe Wallet ??s AWS