Okay dude. 1. When you verify a block you have to decrypt and orient the data in ordered bytes. 2. When you run a node on hosted servers, the company hosting it scans all transmitted, saved, and processed RAM data for malicious package fingerprints. 3. These fingerprints are just a hash digest of the bytes of a known malicious package. 4. Seeing the fingerprint CONTIGUOUSLY of a malicious package the server host would kill the VM that they host your Nginx or Apache2 instance on. 5. This would happen as soon as you try to verify the transaction with an OP_RETURN output. 6. I and many others have explained this ad nauseum but morons like you don't understand how Bitcoin works so you just post "This isn't a hacker movie" type shit as if you understand something you clearly don't. 7. GFY I don't care what you have to say.