Yes, the r value was reused. One of the compromised addresses is a P2PKH address holding a bit over 2 BTC, which ACCIDENTALLY shared the same R with two other addresses due to a cloned VM. This particular address has a total of 7 spends with a biased k.
I compared all r values above; for example, the comparison between r2 and r5:
Number of fixed (frequent) bits: 140/256
Fixed bits ratio: 0.5469
The 7 r values mentioned come from the same key. Here, r2 and r5 have 140 fixed bits in total.
Is there a way to brute-force the nonce?
It is only possible to calculate the private key of an address if it used a K value in a signature that was previously used by a compromised address. This way, the private key can be calculated because the private key of the compromised address is enough to calculate the value of the K that both addresses used. In short, if we have the K value, then the private key of any address that has ever used the same value can be calculated. The lattice attack will not work, you should not look for matching bits in the value r, but in the value K.