If we assume that this is correct, then there are at least two options left - one of the comments says that maybe it is an interaction with a malicious contract (recently we had a case where this was the reason for hacking), or the HW was modified in a still unknown way which enables it to pass all checks by Ledger, and the hacker still gets the generated seed.
I thought the recent hacks affected ERC-20 tokens and not the underlying native assets of alternative blockchains. Maybe I am wrong.You are right, but if you look at
this case, it seems that there is still a possibility that a maliciously signed transaction can give a hacker access to the entire wallet. There has already been a discussion about the fact that it is not wise to store BTC and altcoins in the same wallet - because it is obvious that there is a risk that the user will lose everything if he makes just one wrong step.