When a hacker sends emails to people in your email address book as though they came from you, it's called spoofing.
I don't know how it works, but I don't think it means they have the address book info. I think they just stuck a worm or virus somewhere to use the info.
Can you try going to
http://www.hotmail.com and using the Forgot My Password link right under the Password box on the login screen? Then the real Hotmail should ask you a security question and be able to reset your password.
If that doesn't work, report the problem to hotmail support.
https://support.live.com/eform.aspx?...ery=qaf&scrx=1
You may need to set up another email address for them to reply to you at.