These menace actors have been then capable to steal AWS session tokens, the non permanent keys that enable you to request short term credentials to your employer??s AWS account. By hijacking active tokens, the attackers ended up in the position to bypass MFA controls and obtain usage of Harmles