I don't think we need to suspect the RAR encryption is broken. By default, at least on Linux, even if an archive is encrypted a 'rar l <file>' will show a file list though. So if the files had relevant filenames like mybitcoins.txt then it made searching the harddrive for money easier. At least I suspect crackers look for files called creditcards.txt, passwords.txt etc.
If the crackers knows the archive contains coins, then bruteforcing is worth it.
If the crackers knows the archive contains coins, then bruteforcing is worth it.