These threat actors ended up then able to steal AWS session tokens, the short term keys that permit you to ask for temporary qualifications towards your employer??s AWS account. By hijacking active tokens, the attackers ended up able to bypass MFA controls and obtain usage of Secure Wallet ??s