Microsoft said over the weekend it observed destructive malware in systems belonging to several Ukrainian government agencies and organisations that work closely with the Ukrainian government.
The victims of the malware include Ukrainian government agencies that provide critical executive branch or emergency response functions, Microsoft said.
Also affected was an information technology firm that manages websites for public and private sector clients, including government agencies whose websites were recently defaced. Microsoft did not identify the IT firm involved.
The US software giant, which first detected the malware on 13 January, said the malware attacks did not make use of any vulnerability in Microsoft products and services.
Ukraine was targeted by a cyber-attack on government websites on Thursday night, leaving some websites inaccessible on Friday morning and prompting Ukraine to open an investigation.
Ukraine had suspected a hacker group linked to Belarus intelligence carried out the cyber-attack, and that it used malware similar to that used by a group tied to Russian intelligence, according to reports.
The malware, which is disguised as ransomware, would render the infected computer system inoperable if activated by the attacker, Microsoft said, adding the company will continue to work with the cybersecurity community to identify and assist targets and victims.