These threat actors were being then capable to steal AWS session tokens, the temporary keys that permit you to ask for short-term credentials on your employer??s AWS account. By hijacking active tokens, the attackers were capable to bypass MFA controls and attain access to Secure Wallet ??s AWS