From the wide range of IP address types hinted at (Universities, different countries, etc) it's not a single organization.
Logically a large organization could do this for themselves, but a few hundred dollars a day wouldn't make sense for them, as they make more money in other ways. It's a drop in the bucket.
And any large organization with an IT guy who does this would have other IT people find out about it VERY quickly. If you're talking a business with 15k unique IP addresses, they should have IT staff in the hundreds. Someone would notice something.
The simplest answer is that it's a botnet, any other possibilities are far too low of a chance to be possible.
I was thinking maybe this is an outsourcing company using their clients computers, but again the few thousand a day to risk millions in contracts would be idiotic, and it'd be shut down very quickly.