Nothing stops malware from generating transactions and sending them to your ledger for your to accept/verify them.
I'd guess that OP would have seen on his Ledger the new transaction he has to confirm and would have rejected it...
And in such a case this whole topic would have no substance.