Spammers have hijacked computers at drug manufacturer Pfizer, causing them to send junk e-mails advertising the company's product Viagra.
At least 138 of Pfizer's IP addresses are being used to send the spam after being loaded with Trojan software, it emerged last week.
Aside from Viagra, the spam advertises penis-enlargement drugs, fake Rolexes and shares, according to botnet-tracking company Support Intelligence, which said that those IP addresses have now been blacklisted by anti-spam companies.
Support Intelligence has saved 600 sample spam e-mails over the past six months, and contacted Pfizer about the problem. But Pfizer has not cleared the problem up, Support Intelligence's chief executive Paul Wesson told Wired.com on Wednesday.
Although the spam e-mails were sent by Pfizer computers, recipients would not have realised this, as the spammers used forged Web-based e-mail addresses.
The incident adds to the company's embarrassment after three major security breaches, each of which involved the theft of Pfizer employees' personal data. In one of these breaches, revealed on 24 August, details of 34,000 Pfizer employees were stolen by a former employee. Pfizer said in a letter that "there is no indication" the information is being misused.
That announcement followed two other major data losses at the drugs company. Pfizer warned in June that peer-to-peer software on one of its machines may have leaked the details of 17,000 employees, and in July the company lost two laptops containing staff details.
No connection has been made between these breaches and the spam attacks.
Pfizer could offer no comment at the time of writing.
