I really have to look into Rune. Amazing that these tools exist. I would say it is not a protocols responsibility to check who is using it. Would be great to mark funds like that though and always publish which wallet is holding stolen funds. If there was an open source thing that frontends could run not allowing these marked wallets to interact it could have a great impact on the hacker side. I think many exchanges and even dexes would run this. Thus making it hard to give hackers a chance to move their stolen goods.