These threat actors have been then ready to steal AWS session tokens, the temporary keys that let you ask for short-term qualifications towards your employer??s AWS account. By hijacking active tokens, the attackers ended up ready to bypass MFA controls and acquire use of Harmless Wallet ??s AW