I support the idea of giving the attacker like 10% of all Testnxts and if the attack was successful(+documentation!) the community should pay a nice bounty. Like 500.000 Nxt or so.
Somehow I like what he's doing. POS and crypto in general is very young, it's necessary that we're getting attacked so we can learn from it.