But isn't it weird the coin is still lying on the new address?
It's possible that the attacker sent your coins directly to a third party like a mixer or an exchange, in which case a variety of things could have happened to it. It's also possible that the attacker is HODLing or that they're afraid to move the coins and be subject to blockchain analysis.
I was hoping there was a little chance a good guy was "securing" the coin
It seems unlikely. Shitloads of brain wallets have had the funds stolen from them. Besides, BTC is an ideal asset to steal so if you're a criminal with a computer, brainwallets might be the first place you go.
As for getting it back, you'll only get it back if someone finds out who the thief is. It seems unlikely that that'll happen, since police forces are too busy arresting people for buying a few drugs on the darknet.