These risk actors were being then in a position to steal AWS session tokens, the short-term keys that allow you to ask for momentary credentials for your employer??s AWS account. By hijacking active tokens, the attackers ended up ready to bypass MFA controls and attain access to Protected Walle