So they let it happen to screw you out of dollars?
This is running on a normal instance - a t2.micro one. However, a normal server does not have the infrastructure to apply geoblocking. For that you need a VPN, a load balancer, and an AWS firewall with geoblocking rules set up. All this is ok for commercial applications, however it's a massive extra cost on a little community server like this.
For now all I could think of is to bump up the server to a t2.small, which does double the cost, but still nowhere near as bad as all the extra infrastructure would be. (the monthly cost goes from $10US to $20US)
TBH it maybe an idea to tune Apache & mysql a bit, so instead of flopping it'd just reject requests, but it's all time, time, time to play around with these. Anyway, I'll try and do it at some point.
For now, blame the friggen script kiddies who run their botnets looking for easy hacks.