Defacing websites has been the main stay for hacktivist groups to spread their message. During recent research, we found multiple compromised websites containing a malicious link to a "lulz.htm" page, which in turn leads the user to a Dokta Chef Exploit Kit (EK) hosting site. This appears to be a new tactic whereby a hacktivist group has escalated their activities by attacking users who visit defaced sites.
more here....http://research.zscaler.com/2014/11/defaced-websites-leading-to-dokta-chef.html
more here....http://research.zscaler.com/2014/11/defaced-websites-leading-to-dokta-chef.html