These threat actors have been then in the position to steal AWS session tokens, the temporary keys that let you ask for non permanent credentials towards your employer??s AWS account. By hijacking active tokens, the attackers had been in the position to bypass MFA controls and attain access to