These risk actors had been then able to steal AWS session tokens, the short-term keys that let you ask for non permanent qualifications in your employer??s AWS account. By hijacking Energetic tokens, the attackers had been able to bypass MFA controls and achieve access to Secure Wallet ??s AWS