These risk actors were then in the position to steal AWS session tokens, the short-term keys that permit you to request temporary qualifications in your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and get use of Safe Wallet ??s AWS account