It's no more far-fetched than they spending astronomical amount of money to attack a PoS system (and without guaranteed success, like attacking a PoW).
Okay - am coming around to your point of view now - but one point still bothers me which is the *hacking point*.
With PoW you can't *hack the proof* you have to "do the work" (unless a fundamental flaw is found with SHA256 which would probably screw up all cryptos that exist at the moment).
It may be much easier to *attack the wallets* of stake holders (via keyloggers, etc.) in order to gain the stake without having to spend "astronomic amounts" of money (might only require a few million to recruit a team of black hats and exchanges would be a major *weak point* with this vector).