all the mass SQL injection attacks seem to occur on SQL Server.Perhaps SQL Server's accessibility is the issue: with so many untrained practitioners encouraged to deploy it, perhaps the sorts of convenient behaviors that typically allow SQL injection are inevitable.
"... They ne'er cared for us
yet: suffer us to famish, and their store-houses
crammed with grain; make edicts for usury, to
support usurers; repeal daily any wholesome act
established against the rich, and provide more
piercing statutes daily, to chain up and restrain
the poor. If the wars eat us not up, they will; and
there's all the love they bear us."
-- Shakespeare: Coriolanus, Act 1, scene 1