These threat actors were being then capable to steal AWS session tokens, the short-term keys that permit you to request short term credentials in your employer??s AWS account. By hijacking active tokens, the attackers were being ready to bypass MFA controls and attain usage of Protected Wallet ??s AWS account. By timing their attempts to coincide