These threat actors ended up then in a position to steal AWS session tokens, the non permanent keys that let you request momentary credentials on your employer??s AWS account. By hijacking active tokens, the attackers have been able to bypass MFA controls and achieve access to Protected Wallet ??s AWS account. By timing their endeavours to coincid