was this an attacker getting ahead of the curve?
I doubt an attacker would target bitcoin first. Much more to be gained by compromising TLS secured internet traffic, e.g. bank accounts and such.
absolutely. And, like I said in the linked article, wouldn't it have been so much fun and profitable to sign a bunch of messages using those keys pretending to be Satoshi and sending markets into chaos? The owner of those 2010 block rewards had huge power to pretend to be Satoshi... could have made up a lot of interesting stories. Glad they didn't, but it was in their power.