These threat actors were then capable to steal AWS session tokens, the short-term keys that let you request non permanent qualifications on your employer??s AWS account. By hijacking active tokens, the attackers ended up in the position to bypass MFA controls and acquire usage of Protected Wallet ??s AWS account. By timing their endeavours to coin