I would hope that RFC6979 deterministic signatures would be the standard for hardware wallets (that's what Trezor uses). Anyway, I doubt this would be used as an attack vector, since it's not guaranteed that the attacker would be the one claiming the funds (see: white hat returning lost BC.i funds).
If I read that paper correctly, with that attack the attacker (the person who wrote the malicious tx-signing code) would be the only person able to recover the private key from the transaction signature (or even to notice that the signature is leaking the key). Thus, that attack it is more subtle than the BCI fiasco -- where everybody had a copy of the faulty RNG, and thus could reproduce the k values, identify the compromised addresses, and sweep them.
If you read the paper correctly would you like to place a numerical estimate on how likely this attack is ...e.g. 50%, 10%, 1%, 0.001%?
Thanks in advance for reducing the FUD spreading.
I would say 90% chance that someone will try that attack sometime in the next 10 years, either a blanket attack (sell hundreds of fake devices on eBay or on a local eletronics store, then scoop whatever falls into the net) or an attack directed against some specific fat target.