This doesn't work.  In the scenario OP describes, the hacker steals the private key, he doesn't send them from the client the OP is using.  All the hacker would have to do is use a different client. (I would have just have generated the rawtx and sent it manually).

The only way to add a way to universally cancel transactions is to change how the chain processes transactions.