These risk actors have been then in a position to steal AWS session tokens, the short-term keys that let you request temporary credentials on your employer??s AWS account. By hijacking Energetic tokens, the attackers had been capable of bypass MFA controls and achieve usage of Risk-free Wallet ??s AWS account. By timing their attempts to coincide