Obviously, it is difficult to know with certainty if the "bitcoinEater" address is really one for which no one knows the private key.
It's impossible to know with certainty, but you can
easily be certain there's no such owner. Same as with PoW. You can't know with certainty that one spent millions of dollars to find a valid hash, but you can easily assume it's true, and you'll be right. One ought to spend millions, on average, to accomplish that.
It's realistically impossible to find a valid Proof-of-Work without the work.
Trying to brute force that address for all intents and purposes is not going to work. If you say that someone is trying to brute force that specific address, I would respond that they will be unsuccessful.
The risk to someone knowing the private key associated with the "bitcoinEater" address is that someone could have happened to have generated the private key associated with that address, saw its potential use, and published the address for people to "burn" coin to.