These threat actors have been then in the position to steal AWS session tokens, the non permanent keys that let you request momentary qualifications towards your employer??s AWS account. By hijacking active tokens, the attackers ended up able to bypass MFA controls and acquire entry to Harmless