These threat actors were then in the position to steal AWS session tokens, the temporary keys that allow you to request temporary credentials on your employer??s AWS account. By hijacking Energetic tokens, the attackers had been ready to bypass MFA controls and gain usage of Harmless Wallet ??s