These threat actors had been then in a position to steal AWS session tokens, the non permanent keys that allow you to ask for temporary credentials to your employer?�s AWS account. By hijacking active tokens, the attackers were in the position to bypass MFA controls and obtain entry to Protected Wallet ?�s AWS account. By timing their attempts