These danger actors were then capable of steal AWS session tokens, the momentary keys that assist you to request short-term credentials to the employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and attain use of Risk-free Wallet ??s AWS account.