No because the devices she is using are assumed to be compromised, so the attacker can just copy the key used for LN auth. The only way this works is LN auth with a hardware wallet that way the key cannot be stolen and she can communicate in a hostile environment. The hardware wallet would protect her key, which could then be used with any client using LN Auth to securely authenticate. Be careful to not stay logged in just in case session cookies are stolen.

All of her devices should be taken offline and isolated with all radios disabled until they can be scanned and the root cause of the issue can be determined, otherwise she will risk continuous re-infection and also risks infecting other devices on the network.

She likely is not a target in particular. Persistence of infected devices has been a corner stone of black hats since computers could compute.

If she cannot be down while her devices are cleaned and scanned for malware, then she will need completely new devices on a network totally separate from her infected devices where she can begin the process of account and password recovery.

Just on what you've said this sounds like the type of infection is called a worm. It is a specific type of computer virus designed to infect devices and then use the infected devices to scan and find new devices to infect. Surprisingly, this is not as common as a Trojan or other types of malware, but Bluetooth is so weak I am not surprised to hear about a worm taking advantage of it.