There’s no point - can be thousands of addresses, all owned by people who have no clue whats going on because their systems are compromised. Their only hint is the PC is slower than usual.
Not only that, but there are methods known as ‘smurf attacks’ that can be instigated by one person in one place, and use spoofed IP’s to generate DDoS attacks from servers all over the place:
http://en.wikipedia.org/wiki/Smurf_attack
So, it could technically be one, or a few hackers doing this if they’ve found some ISP’s who still haven’t closed these holes.
There are ways to close those holes and most ISP’s in the US have. But that doesn’t stop an attacker from using servers in China, Korea, etc, where these holes are usually still wide open.
‘Smurfing’ is a pretty old method, I’ve been privy to them for about 10 years since I worked at a Mom & Pop ISP back in the boom days. All it would take was for one of our customers (usually a kid) to P/O somebody else (usually another kid) on IRC or another chat room somewhere, and the next thing you know, we’re getting ‘smurf’ed’. It would take us hours to recover and it became a big problem until we got our upstream provider to start putting measures in place to mitigate the attacks.