See: http://maldb.com/sweetforms.com/# and http://urlquery.net/report.php?id=8592380
See search results for “htxp://c0.histats.12mlbe.com/jsx01/7/1950229/66,63”
avast detects on contact.php | {gzip}
Defacing a website simply means that we replace the index.html file with the defacement file.
The attacker finds a target website via searching for and finding vulnerability points on websites.
Also php shell/web defacement tools can be used,
Keeping the CMS software up to date and use input and output validation can prevent a lot of awe.
polonus