I'll just put my 2 cents out there but when it comes to this malicious plugin the root issue is the blacklist changes of Dawntrail have allowed this to happen. The only realistic ways to fix it is to either move the blacklist server side that the internal account ID's can no longer be read client side OR revert to the original blacklist system from before Dawntrail and maybe try another approach instead.

Some people might think calling for an anti cheat would solve this but I've been gaming online for nearly 20 years and that bloatware does absolutely nothing to stop these malicious people who cheat or harass others, it's a speed bump that gets defeated within a few hours of an update and ends up causing issues for legitimate players usually through compatibility issues and other things and is ultimately a waste of time for both players and developers and that doesn't even get to the whole privacy issues either.