They were sent to this address at approximatly 00:50:20 GMT 1M77fUCzQrmY8jHRRgpzDVPAK5eQ31bwxZ
Within 17 seconds of me depositing 100 btc into my account they were stolen and transfered to another address without me even being logged into the blockchain wallet servce.I robot that scans new transactions (timestamped or not), awsome!
I doubt it was a bot for three reasons. (1) This was one hour after the problem started. Nobody would set up a bot for this so fast, you have to understand the problem first. (2) the money was stolen in two transactions, first 99 BTC, then 0.9889 in a second transaction. A bot would have taken everything in one. (3) why didn't he set up a bot for all the other weak addresses?
My guess is that someone created a new address and found 5.9 BTC. He transferred that to his other address. When this worked, he looked for more and created new addresses, maybe also new accounts. He was still online when the 99.989 BTC arrived and got a notification. 17 seconds should be enough to open the send tab, enter 99 BTC, fill in the address (it was probably in his autofill history), and click send. It was a lot of luck, though.
Your guess that it was not a bot is probably right, but you are forgetting that in order for the thief to generate the same private keys means he is also Blockchain.info user and they know who he is. Nobody who was not using their wallet had no chance of hitting those keys accidentally. The coins still sit there unspent:
and the thief will have to return them to rightful owners in order to avoid being prosecuted, if he can avoid it at all since his actions are quite fishy.