These threat actors were being then capable to steal AWS session tokens, the short term keys that allow you to ask for short term credentials on your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and gain usage of Harmless Wallet ??s AWS acc