These threat actors were being then capable of steal AWS session tokens, the non permanent keys that enable you to request short-term credentials in your employer??s AWS account. By hijacking active tokens, the attackers ended up ready to bypass MFA controls and achieve use of Risk-free Wallet