These risk actors ended up then ready to steal AWS session tokens, the temporary keys that let you request momentary qualifications to your employer??s AWS account. By hijacking active tokens, the attackers had been capable to bypass MFA controls and get usage of Harmless Wallet ??s AWS account