These menace actors have been then in a position to steal AWS session tokens, the non permanent keys that enable you to ask for non permanent qualifications towards your employer??s AWS account. By hijacking active tokens, the attackers had been capable to bypass MFA controls and achieve access