These threat actors were being then ready to steal AWS session tokens, the non permanent keys that help you request temporary credentials on your employer??s AWS account. By hijacking active tokens, the attackers were in a position to bypass MFA controls and obtain entry to Protected Wallet ??s