These menace actors had been then able to steal AWS session tokens, the non permanent keys that help you request short term credentials towards your employer??s AWS account. By hijacking Energetic tokens, the attackers had been ready to bypass MFA controls and achieve access to Harmless Wallet