Just for more information, the script that David has pointed out, contained in the hacked 404 page, deobfuscates to an iframe, pointing to a site that is known for malware:

http://hosts-file.net/?s=213.182.197.42&view=matches

Interesting to note, the difference in detection at VT:
http://www.virustotal.com/file-scan/report.html?id=7ecef262a30618ec1b38b9b56931f35a059b9b0591b342a5f208fd75185394a3-1307997688
This is the iframe in my image as it is in a text file.
Seems detection is better on the obfuscation than the content?

(Though I imagine that VT overlooks some elements of the scanning…)