These risk actors were being then capable of steal AWS session tokens, the non permanent keys that permit you to ask for temporary credentials towards your employer??s AWS account. By hijacking active tokens, the attackers ended up able to bypass MFA controls and acquire use of Harmless Wallet