The problem of corrupted exit servers is indeed one that we should all ponder until a solution may be found. However, setting up, say, 1,000 hidden, slaved, correctly configured tor servers via a bot net may be rather more difficult to accomplish than you have fully considered. Entry guards and middlemen probably wouldn't be useful to an attack coordinator.
----------------------- >From the start, there have always been less bad then good..... Why not have all the servers "look" at other servers and verify they are "good". Notify the server admin or a central server, if something doesn't look right. Is it possible to remotely test software ?? Or can this always be overcome with corrupt code on the "bad" server ?