These risk actors were then capable to steal AWS session tokens, the short-term keys that enable you to ask for momentary qualifications to the employer??s AWS account. By hijacking active tokens, the attackers were in the position to bypass MFA controls and gain entry to Secure Wallet ??s AWS