At least three congressional candidates have been targeted by hackers ahead of the US mid-term elections, according to Microsoft.
Tom Burt, an executive at the firm, made the revelation during a security conference panel in Colorado.
The three candidates appear to have been targeted by phishing attacks, he told the audience.
One cybersecurity expert said the hacking was probably an attempt to “undermine the democratic process”.
US voters will go to the polls on 6 November to elect a swathe of new members of Congress, senators and state governors.
The tech giant discovered the apparent foul play after checking fake Microsoft web domains that had been associated with espionage in 2016.
A group exploiting the domains is known by many as “Fancy bear” but has been dubbed “Strontium” by Microsoft.
Some cybersecurity firms, including SecureWorks and Mandiant, believe the hackers are linked to Russian intelligence.
Russia has consistently denied allegations of hacking.
Mr Burt told the Aspen Security Forum attendees: “Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks and we saw metadata that suggested those phishing attacks were being directed at three candidates who were all standing for election in the mid-term elections.”
In other words, the hackers tried to trick the candidates into visiting a bogus Microsoft web page.
Mr Burt did not name the affected candidates but said they were all potentially “interesting targets from an espionage standpoint”.
He added that the hackers were not successful in accessing the three candidates and that the fake Microsoft domain had been taken down.
The hackers might have been trying to gain access to the candidates’ personal messages or emails, for example, said cybersecurity expert Prof Alan Woodward at the University of Surrey.
“If you can grab emails… you can start making people look bad,” he said.
“I think the primary motive is to undermine the democratic process so it doesn’t matter which candidate they manage to subvert.”
In comments to the press during his visit to Helsinki earlier in the week, President Trump said “no” when asked if he thought that Russia was continuing to interfere in American elections.
However, his press secretary Sarah Huckabee Sanders claimed that the president actually had responded “no” to a query of whether he would be taking further questions.
Last week, the US Director of National Intelligence said Russian attempts at hacking US targets remained “persistent… regardless of whether it is election time or not”.
Prof Woodward told the BBC: “Every single intelligence agency, including the British ones, have said it’s ongoing, it’s an ongoing onslaught and the finger seems to point at Russia.”