These danger actors have been then in the position to steal AWS session tokens, the short term keys that let you ask for short term qualifications to your employer??s AWS account. By hijacking Energetic tokens, the attackers ended up ready to bypass MFA controls and get usage of Harmless Wallet