SafeWallet’s report stated that attackers bypassed SafeWallet’s AWS multifactor authentication by hijacking active AWS session tokens probably from a compromised developer’s workstation

  • Claim

Name

SafeWallet’s report stated that attackers bypassed SafeWallet’s AWS multifactor authentication by hijacking active AWS session tokens probably from a compromised developer’s workstation

Types

Claim

Quotes that support claims

According to a forensic analysis conducted by SafeWallet and cybersecurity firm Mandiant, the hacking group hijacked a Safe developer’s Amazon Web Services (AWS) session tokens to bypass the multifactor authentication security measures put in place by the firm.
To bypass this restriction, they hijacked active AWS user session tokens through malware planted on Developer1’s workstation. This allowed unauthorized access while AWS sessions remained active.

Referenced by

Summary

Crypto news

Data block