It shouldn't be so easy to derive a private key from the corresponding public key. Is the attack you're referring to working because most of the bits of the private key are already known or am I missing something else here?
That's precisely what happened, knowing the public key of an address is commonplace (as long as the address has done at least one tx) and doesn't compromise the security of its private key
The problem is that OP specifically said 2^33, which is quite darn easy. I didn't immediately realize that he was saying so just because, in this specific case, only 66 bits needed to be found, which indeed gives 2^33 by applying the usual formula.
