The attacker cannot just enter the network, each validator needs to deposit the 32 ETH and then there is the waiting queue: 1 million validators cannot enter in an instant, only a couple per epoch. So the first few enter and they cannot present their version of the truth, because they are a tiny minority.
It would be more problematic if someone somehow steals access to the majority of existing validators. This is more difficult the more different entities there are.
The difference is that if you do not habe the 32 -ETH deposit, everyone can run as many validators as they like. That is only limited by hardware costs short term and power consumption long term.
And that is what happens. Bitcoin mints at the moment 6.25 BTC per 10 minutes - that is 2466.25*35.000$=31,500,000 $ per day that miners can burn for operational costs (mostly power) before they become unprofitable.
Ethereum has 800k validators, but even if you have a single validator on a PC, that only costs a few cents per day to operate (example: 10Watts * 24h= 240Wh=0,24kWh -> maybe 2kWh per week, much lower if you run multiple validators).