Is this true or is just a FUD?
Whatever you read in that forum, you shouldn't take it without a big grain of salt. I have no idea how '4 MB witness data' can be considered an 'attack vector'. They also talk about bandwidth requirements but when we mention those at 2 MB block size limit they disregard them.
Looks like the attacker ran out of money, and probably ended up at net loss, next time they should think twice before attacking bitcoin.
I doubt that; I don't think that they've spent a lot of money.
The recommended fee is an average, so it needs more datapoints until it smoothens out and gets lowered.
Let's see how many days are required before it returns to normal.