Well, not exactly. Contiguous bytes that amount to CSAM, or malware in general would cause people who run a VPS node to probably have their VM shut down. That's probably 20% of the node netwprk, including major players like exchanges and mining orgs. THAT is the attack vector. Then the mitigations would be effectively having VPS providers whitelist Malware (which they won't). Having the pushbytes allows the data to be segmented and it won't trip malware detection. Nothing to do with the fees.