You know there are software keyloggers, right? It's like any other malware. An attacker doesn't need physical access to your computer, they can infect it when you simply visit a malicious web site, for example. It's a good reason to use Tails, especially if you are a vendor. 99% of malware is made for Windows, but even if there was some malware for Linux (which I'm not aware of any existing in the wild at the moment), your system would be wiped clean on the next reboot.