The supercomputers, including Archer at the University of Edinburgh, were taken off-line while the hackers used them to mine crypto-currency.
Staff said they were working with the National Cyber Security Centre to restore the system, which had recently installed a pandemic modelling tool.
Similar attacks shut down five supercomputers in Germany, Switzerland, and Barcelona.
They exploited a Secure Shell (SSH) connection, which academic researchers use to log in to the system remotely.
And once inside, the attackers appear to have deployed cryptocurrency mining malware.
The security team at the European Grid Infrastructure foundation said: “A malicious group is currently targeting academic data centres for CPU [central processing unit] mining purposes.
“The attacker is hopping from one victim to another using compromised SSH credentials.”