The Metropolitan Police is investigating claims that a botnet made up of two million infected computers has hit UK computers, including ones found in corporate and government departments.
The Police Central e-crime Unit is on the case and the investigation was ongoing, the Met has confirmed.
The botnet is said to have compromised 77 government-owned domains from the UK, US and other countries.
Finjan's Malicious Code Research Centre (MCRC) discovered the network in investigations of command and control servers operated by cyber criminals.
Finjan said that the cyber crime server has been in use since this February, and was hosted in the Ukraine.
The malware on the computers allows cybercriminals to execute commands on end user computers.
In addition to contacting the police, Finjan said it had contacted the affected government agencies.
The Cabinet Office, which plays a role in guiding and setting standards for the use of IT in government, had not responded to our request for comment at time of publication.
However, in a statement to the BBC, a spokesman said it would not comment on specific attacks and that it was not government policy to confirm if an individual organisation had been subject to one.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.