I find it more worrying that we do not "hear" about the 'more serious attacks' that keep them busy and don't allow them to look into i.e. 'AviatoChortler' (even after a few weeks). That might mean that there is a constant stream of 'more serious attacks' (without information I can only guess).
... or it could also be that we're simply spread too thin. ;)
Bad relay detection is a space that doesn't traditionally get much focus. Presently Philipp is the only person investing time here, and he both has a day job and would prefer to do more interesting things (like write code!) in his free time.
As I see it there's three areas that need to be improved in this space...
1. Bad relay detection. Philipp's ExitMap [1] and my naive sybil checker [2] are the only automated checks I'm aware of right now. That leaves a lot of room for improvement.
2. Openness. Traditionally there's been some contention about where to draw the line between openness and secrecy. Personally this is what turned me off to this space [3]. Thankfully Philipp's moving us toward being a little less secretive. [4]
3. Responsiveness. To get a relay flagged we need to persuade directory authority operators to manually intervene by editing their torrc. I get the impression all the dirauths that vote on BadExit now use Philipp's git repository so hopefully this is better than it once was.
All this is to say 'help welcome!'. If this is a space you truly care about then please make it better! Philipp can best say where more hands would be useful.
Cheers! -Damian
[1] http://www.cs.kau.se/philwint/spoiled_onions/ [2] https://gitweb.torproject.org/doctor.git/tree/sybil_checker.py [3] see the 'As of April 2013 this list is no longer being maintained' note on https://trac.torproject.org/projects/tor/wiki/doc/badRelays [4] https://trac.torproject.org/projects/tor/ticket/13302