He likely hasn't really come to anyone's attention. Eastern European organized crime uses completely automated software that scans the Web looking for known and documented vulnerabilities in Web sites; if it finds any, news spreads fast and other automated software starts hammering at the site.
It's nothing personal. It's all automated software.
What platform is he using? Is he using a CMS like Wordpress, Drupal, or Joomla? (Edit: I noticed you sayit's not WordPress; is he using any other CMS or is it just flat HTML?)
Keeping a CMS secure requires skill and proactive work--hackers will usually reverse-engineer security updates in popular software packages and add exploits within 24-48 hours of a new version being released, so if you do not update your plugins or CMS within at most 48 hours after an update is available, that's it, you're done. Your Web site will be pwn3d and it doesn't matter if you are popular or not, well-known or not, have good Google rank or not--it's all totally automated.
I've ben doing quite a bit of research on WordPress security and Eastern European organized crime lately, so if he's using WP I can definitely offer some tips.
Last edited by tacit; 07/28/15 10:03 PM.
