The Amazon grocery delivery service has released a security update that allows hackers to remotely install malware that allows them to remotely wipe an infected computer’s hard drive, the Wall Street Journal reported Friday.
The update, which the company says can be used by “anyone with access to the Amazon Web Services network,” is already being used to attack its cloud storage services and to infect customers’ devices.
The company said in a blog post that it was also working on new ways to combat “a new wave of cyber attacks” targeting the company’s network.
Amazon, which has a large footprint in the United States and around the world, has long been the target of cyberattacks from state-sponsored actors, and the company has been under intense scrutiny from lawmakers in the U.S. and around Europe in recent months for its handling of security.
Last month, the Senate Intelligence Committee issued a scathing report alleging that Amazon is being paid by state-funded hackers to hack its cloud services.
The Senate report alleged that Amazon used its cloud service to allow hackers to steal personal data from its customers, including their names and addresses, in exchange for payment.
Amazon denied the allegations.
It also said that it has always complied with U.N. Security Council sanctions against Russia, and that it had a strong internal security team.