I've seen a lot of this recently. It appears that the hackers are using the account's address book as the "from" address to make them harder to detect - lots of addresses to send as and fool spam controls.
Can you see the full header details? You may be able to use some online tools to trace back the source. See
http://www.rahul.net/falk/mailtrack.html