These threat actors have been then ready to steal AWS session tokens, the short-term keys that enable you to ask for temporary credentials towards your employer??s AWS account. By hijacking active tokens, the attackers had been capable to bypass MFA controls and attain access to Protected Wallet ??s AWS account. By timing their efforts to coincide