I am wondering if the Wordfence team is still reporting bots to ISPs? I hope you are. Most of them are on hacked websites.
I end up reporting about 10 a week and I usually get feedback that they were able to find the bots and disable them. I know this is a drop in the bucket but I am a firm believer in offence as well as defense. My theory is that if they learn that they are going to loose bots by attacking my site that eventually they will learn to stay away.
I encourage every Wordfence user to at least report a few when they have time. You can get the contact information you need at http://centralops.net
I have also reported 896 websites with a pharma hack since I started in May. I never imagined it would be so difficult. But I'm not giving up. Each time I successfully get one taken down there is one more website owner who has learned a little more about security.
I have also learned that there are many web hosting providers that have very weak security teams. I do what I can to educate them. That is one of the most frustrating things I have learned about web security.