It can't be more silly. I think those people should not even be called as hackers since even an average bitcoin holder knows that brute forcing a wallet is a complete waste. If it were to be a real hackers then they would rather try finding and compromising the device on which the wallet was previously used and then decrypting the private key from the device.
You should read the OP more carefully.
It is not about bruteforcing private keys, but about bruteforcing the password of a wallet.dat file.
Those two things are completely different. Bruteforcing a private key is not feasible, yes indeed. But cracking a password can be possible. It purely depends on the strength of the password.
[...]
Or take for example the many sha256 hacked brain wallets.
[...]
But not impossible it just boils down to a combination of time energy hardware and luck.
Brain wallets are
cracked because people are dumb and the entropy is low enough to be bruteforced.
There already have been quite some brain wallets emptied which were derived from the rockyou.txt password list (most used passwords).
Bruteforcing private keys is (and won't be) feasible.