Is it possible to create a similar "capture" program that simply captures and returns the BTC back to the sender, along with some sort of message that can be used to flag the transaction?
There's no point. It would just result in the Bitcoins being stolen over and over again. When the hacker notices this, they would just script another transaction to transfer it away to their own address. Either you get every miner to cooperate with you or you can't do anything.
With regard to the message, you could use OP_RETURN, but that is mostly ignored by normal people. If it's a system, then it would be impossible for them to see it. You have to trace the origin of the Bitcoins yourself.
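An OP_RETURN output carries its message as plain data pushes in the output script, so software on the receiving side only notices it if it parses for it. The sketch below is an added example, not part of the original answer; the helper names, the dummy P2PKH hash and the message text are all constructed for illustration.

```python
OP_RETURN = 0x6A
PUSHDATA_WIDTH = {0x4C: 1, 0x4D: 2, 0x4E: 4}  # OP_PUSHDATA1/2/4 -> length-field size

def build_op_return(message: bytes) -> bytes:
    """Return the script OP_RETURN <message> (hypothetical helper)."""
    n = len(message)
    if n <= 0x4B:
        push = bytes([n])          # direct push: the opcode is the length
    elif n <= 0xFF:
        push = bytes([0x4C, n])    # OP_PUSHDATA1 followed by a 1-byte length
    else:
        raise ValueError("message too long for this example")
    return bytes([OP_RETURN]) + push + message

def parse_op_return(script: bytes):
    """Return the data pushes after OP_RETURN, or None if not OP_RETURN or malformed."""
    if not script or script[0] != OP_RETURN:
        return None
    pushes, i = [], 1
    while i < len(script):
        op = script[i]
        i += 1
        if op <= 0x4B:
            n = op
        elif op in PUSHDATA_WIDTH:
            width = PUSHDATA_WIDTH[op]
            if i + width > len(script):
                return None        # length field runs past the end
            n = int.from_bytes(script[i:i + width], "little")
            i += width
        else:
            return None            # non-push opcode after OP_RETURN
        if i + n > len(script):
            return None            # truncated payload
        pushes.append(script[i:i + n])
        i += n
    return pushes

def flagged_messages(output_scripts):
    """Map output index -> data pushes for every OP_RETURN output in a transaction."""
    parsed = ((i, parse_op_return(s)) for i, s in enumerate(output_scripts))
    return {i: p for i, p in parsed if p is not None}

# Constructed sample outputs: a P2PKH script (dummy hash) and a flag message.
P2PKH = bytes.fromhex("76a914" + "11" * 20 + "88ac")
SAMPLE = [P2PKH, build_op_return(b"returned: funds flagged as stolen")]
```
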