Not so fuzzy after all. An earlier attack DOES have an advantage!
When you attack, you usually don't know how long you can sustain the attack. So, if you attack early and sustain as long as you possibly can, you will enjoy 100% of the attacks' fruits.
On the other hand, if you arbitrarily decide to attack just 48h before difficulty change, then you can enjoy AT MOST 48h of decreased hashing power.
There's no advantage in doing it late. But there IS the risk that you underestimate your chances of success.
So much for the myths..
If that is true it certainly would speak more to the motives of said Botnet OP. It would need verification, but if I recall correctly the last two big attacks were shortly after difficulty change. I.e., a start point within the first 48 hours. If correct this would indicate a motive that is much more profit driven and diliberate than an attack that was just intended to disrupt the network for *insert reasons here*.
*ponders*
Cheers