Right, they're used as distractions fairly often. The rest of the explanation makes no sense though; that is, I don't see how the DDoS would then "make the system vulnerable" to Bitcoin theft. Unless it was something like where the attackers already had access, but most everything was kept in cold storage and they wanted to force them to move a lot of BTC into their live wallets.