These menace actors ended up then in the position to steal AWS session tokens, the momentary keys that let you request short term credentials in your employer??s AWS account. By hijacking Energetic tokens, the attackers had been capable of bypass MFA controls and achieve use of Protected Wallet ??s AWS account. By timing their attempts to coincide