These risk actors have been then ready to steal AWS session tokens, the temporary keys that let you ask for non permanent credentials for your employer??s AWS account. By hijacking Energetic tokens, the attackers ended up ready to bypass MFA controls and get usage of Safe Wallet ??s AWS account