The HW is not affected by compromised systems, the strength of the HW is that the transaction is signed offline and through the screen of the device you see the data of the signed transaction.

That is why it is very important to verify the data indicating the amount and to the address sent.

An infected system cannot do anything with an already signed transaction other than not broadcasting or displaying incorrect data in the software used.