These threat actors had been then ready to steal AWS session tokens, the non permanent keys that assist you to request short term credentials in your employer??s AWS account. By hijacking active tokens, the attackers had been capable of bypass MFA controls and obtain entry to Protected Wallet ?