From looking at the paper [1], the basic mitigation seems to be that the group admin that adds someone to the group sends the "add this account to the group" message to all group members end-to-end encrypted.

In Signal, apparently some malicious users that are not a group member (such as a former group member) could add users to a group. In Threema and WhatsApp, a malicious server can add further users, but Threema has apparently fixed that already.

[1] https://eprint.iacr.org/2017/713.pdf

Not 100%. In Threema, a malicious server could replay an old add-this-user message after that user has been removed from the group to re-add it to the group. But it could never add new users (since add messages are encrypted by the admin). Also, the server can't tell group control messages from regular text messages, making this even harder. Replay protection has been added in the meantime.

Requiring new participants to have an invitation signed by the administrators private key seems like it would prevent this.