Would someone be able to spell out how this attack works after initialisation? I don't really understand hardware wallets. How does the information about the user and their key make its way back to the people who created the device?
The attackers know the key to begin with, before the user even gets their hands on the device. The compromised device pretends to generate a random key but instead generates one of twenty keys provided by the attackers.
Other than generating a small set of known seeds, some signature formats (including ECDSA, which is used for many cryptocurrencies) also allow exfiltrating data through some of the values they consist of and which are required to validate them.
If the wallet uses deterministic ECDSA, or the algorithm used is deterministic by definition (such as EdDSA), this can be detected, but doing so requires validating some generated signatures on a second, trusted device.