just for your info, they are just a bunch of script kiddies. They know from nothing to zero about networking. No one use to track those, since they just group, deface a lot of sites and vanished. I agree with most of guys here: too many "holes" on security. Script kiddies are just like that: run a program to scan computers with vulnerabilities and change pages. I doubt that they know what to do with root access.
However, as these kind of people act as bees (or rats), I repeat previous advices: re-install
all