These danger actors were being then able to steal AWS session tokens, the temporary keys that permit you to request temporary credentials to your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and gain usage of Harmless Wallet ??s AWS account