These threat actors had been then in a position to steal AWS session tokens, the short-term keys that let you ask for short term credentials to your employer??s AWS account. By hijacking active tokens, the attackers were able to bypass MFA controls and gain access to Safe Wallet ??s AWS account