I've manually tried like 10 servers and finally found 1 that it connected to and sync'd fully.
What is the exact risk in using the hacker's server exactly? Besides privacy issues.
It should be noted that the "DoS attack" is actually being conducted by "Good"™ servers that have updated to latest version of server code... this "DoS attack" was deliberately implemented by the devs to try to force users to update to the latest version.
Not ALL "good" servers will have updated... so the server you connected to may not be "bad"...
Is it possible for the hacker to change the unsigned transaction code and change the destination/change address to theirs? I don't think that's possible.
No, a
server can't do that... as it only receives "signed" transactions when you broadcast it... only a fake
client could attempt to change your unsigned transaction... So, you'd need to download and install a fake client for that to happen.
Even if it was, I would notice the different addresses in the cold electrum version and wouldn't sign them.
Exactly...
If you want to continue using an old version and
guarantee that you can find a compatible server to connect to, you'd probably need to install Bitcoin Core and then run your own Electrum server that doesn't include the "DoS attack" patch.