TechTeam are from brazil the most likely it was a cgi script and they just done |echo TechTeam ownz blah blah >index.html| my suggestion would be to look for any vulnerable cgi scripts on you're website and remove them if you're not using them the access they would have had was probably the nobody account anyways if that has been locked down and doesent have wget or compiler rights you should be fine does the admin of the boxes know they were defaced ? has he found the problem at all ?