A random user couldn’t do this, because the attempted 1 eth exit would require a merkle proof of the corresponding utxo (which doesn’t actually exist). This griefing vector only works if you can get an invalid utxo included in the plasma block (and thus the Merkle root), so the operator would have to be in on it.
Good observation, but I think in reality it could be pretty much the same thing. If a centralized hub tries something malicious in one (or a few) channel(s) and the counterparty user is forced to close the channel, the news will spread (by observing the main chain or through off-chain channels) and people will start leaving the hub, i.e. closing their channels. Does that make sense?
Indeed, the panic-factor may ultimately lead to channel exits anyway. (Although I, for one, would defiantly keep my channel open with the hub until forced to settle; cryptoeconomics, dammit!!!)