That's a good idea, and probably the most user-friendly opportunity to safely store and still use your bitcoins!
No, you don't have to synchronize your wallet. The application from which you access your hardware wallet uses an online service to sync the current
status of your addresses. So basically it's always up to date when connected to the internet.
Can any kind of malware steal your funds or private key or anything at all?
Theoretically they can break, yes. But at initialisation of your hardware wallet you have to write down a 12 or 24 word phrase from which your deterministic wallet can be
recovered (this 12/24 word phrase recovers all of your created private keys, and therefore the corresponding funds stored in your addresses).
A hardware wallet holds your private keys encrypted and never releases them to the PC or anywhere outside of the hardware wallet.
Basically your (internet-connected) PC creates an unsigned transaction and forwards it to the hardware wallet, which signs your transaction and forwards it back to your PC
again. Your PC can therefore be infected and your funds are still safe and no one has access to your private keys.
The most important part is to have your PC clean when initializing your Trezor/Ledger/... wallet.
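Added illustration, not part of the original post: how a recovery phrase deterministically regenerates the wallet's master key, which is why the phrase alone is enough to restore (or take) the funds. It assumes the wallet follows BIP39 and BIP32, which the post does not state; the function names are hypothetical, the sample phrase is a public test value, and wordlist and checksum validation are left out.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample input: the all-zero-entropy phrase from the public
# BIP39 test vectors. Never use it for a real wallet.
SAMPLE_PHRASE = "abandon " * 11 + "about"


def mnemonic_to_seed(phrase, passphrase=""):
    """BIP39 step: stretch the phrase into a 64-byte seed.

    PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + optional passphrase.
    No secret other than the phrase (and passphrase) goes in.
    """
    words = unicodedata.normalize("NFKD", " ".join(phrase.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)


def master_key(seed):
    """BIP32 step: HMAC-SHA512 keyed with b"Bitcoin seed".

    Left 32 bytes are the master private key, right 32 bytes the chain code;
    every address key of the wallet is derived from this pair.
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def recover(phrase, passphrase=""):
    """Recover the (master private key, chain code) pair from the phrase."""
    return master_key(mnemonic_to_seed(phrase, passphrase))


if __name__ == "__main__":
    # Two independent recoveries, e.g. the original device and a replacement.
    first = recover(SAMPLE_PHRASE)
    second = recover(SAMPLE_PHRASE)
    print("same master key on both devices:", first == second)
    # An optional passphrase yields an unrelated wallet from the same words.
    print("passphrase changes the wallet:", recover(SAMPLE_PHRASE, "x") != first)
```

Anything that sees the phrase at initialization can run these same two steps, which is the reason for setting the device up on a clean machine.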