Excellent observation, and something I missed. I believe an powerful fix for this would be that transactions in "draw block" are not part of the draw. So in concrete terms, the draw still is decided by block 1233000 however any transactions in block 1233000 are part of draw 2, not draw 1.
A (very large) miner could still use a variant of the attack to privately withhold a xxx999 block with the 5000 BTC transaction, and then attempt to privately mine the xxx000 block but now it's getting much, much harder (with a larger penalty for failure).
I'll do some benchmarking on a high-end computer, and try figure out some parameters to slow down verification to prevent any