Cracking arbitrary addresses - funds that belong to other people - is completely different. IMHO.
If you find a large wallet in low addresspace (or address with collision to low addresspace) then actually you've done a security audit.
Whether you are thief or not is decided by your FOLLOWING actions, but not the fact that you bruteforced something.