The authentication process effectively salts the response with both the web origin and the anti-replay counter. The result is then different for every web origin and so the phishing site would get a different authentication response that is incorrect/useless for the real site.
This protection is only for the classic phishing scenario where the user-agent is showing a different origin that is masquerading as the user's desired site. AFAIK, this won't solve the problem of Trojan apps where the authenticated user-agent itself can be subverted into making inappropriate requests. In such malware scenarios, you could also just hijack the other temporary session cookie/token secrets after the login step.
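To make the two points above concrete, here is an added toy model (not code from the original comment or from any FIDO/WebAuthn implementation). It assumes the authenticator signs over SHA-256(origin) || counter || challenge, and it uses HMAC-SHA256 with a per-credential key in place of the ECDSA signature a real authenticator would produce; the origin binding, the anti-replay counter, and the Trojan user-agent limitation behave the same way. All origins, credential IDs and the relying-party API are made up for the example.

```python
"""Added example: origin-bound challenge/response in the style of FIDO/WebAuthn.
Assumption: HMAC-SHA256 stands in for the authenticator's real asymmetric signature."""
import hashlib
import hmac
import os
import struct

REAL_ORIGIN = "https://bank.example"          # constructed relying-party origin
PHISH_ORIGIN = "https://bank-example.evil"    # constructed look-alike origin
CRED_ID = b"cred-1"                           # constructed credential id


def signed_data(origin: str, counter: int, challenge: bytes) -> bytes:
    """What the authenticator signs: origin hash || monotonic counter || server challenge."""
    return hashlib.sha256(origin.encode()).digest() + struct.pack(">I", counter) + challenge


class Authenticator:
    """Toy hardware key: one secret per credential, one monotonic counter."""

    def __init__(self):
        self._keys = {}
        self._counter = 0

    def register(self, credential_id: bytes) -> bytes:
        key = os.urandom(32)
        self._keys[credential_id] = key
        return key  # a real authenticator would export a public key here instead

    def authenticate(self, credential_id: bytes, origin: str, challenge: bytes):
        # The origin is supplied by the user-agent; the authenticator trusts it.
        self._counter += 1
        sig = hmac.new(self._keys[credential_id],
                       signed_data(origin, self._counter, challenge), hashlib.sha256).digest()
        return self._counter, sig


class RelyingParty:
    """Toy server: issues one-shot challenges, checks origin binding and counter."""

    def __init__(self, origin: str):
        self.origin = origin
        self._creds = {}     # credential id -> (key, last counter seen)
        self._pending = {}   # outstanding challenge -> credential id

    def register(self, credential_id: bytes, key: bytes) -> None:
        self._creds[credential_id] = (key, 0)

    def new_challenge(self, credential_id: bytes) -> bytes:
        challenge = os.urandom(32)
        self._pending[challenge] = credential_id
        return challenge

    def verify(self, challenge: bytes, counter: int, sig: bytes) -> bool:
        cred_id = self._pending.pop(challenge, None)
        if cred_id is None:
            return False  # unknown or already-consumed challenge: replay
        key, last_counter = self._creds[cred_id]
        if counter <= last_counter:
            return False  # counter did not advance: replay or cloned authenticator
        expected = hmac.new(key, signed_data(self.origin, counter, challenge), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, sig):
            return False  # signed over a different origin (or wrong key)
        self._creds[cred_id] = (key, counter)
        return True


def _setup():
    auth, rp = Authenticator(), RelyingParty(REAL_ORIGIN)
    rp.register(CRED_ID, auth.register(CRED_ID))
    return auth, rp


def legitimate_login() -> bool:
    auth, rp = _setup()
    ch = rp.new_challenge(CRED_ID)
    return rp.verify(ch, *auth.authenticate(CRED_ID, REAL_ORIGIN, ch))


def phished_login() -> bool:
    """Phishing site relays the real challenge, but the browser reports the phishing origin."""
    auth, rp = _setup()
    ch = rp.new_challenge(CRED_ID)   # fetched from the real site and relayed by the phisher
    return rp.verify(ch, *auth.authenticate(CRED_ID, PHISH_ORIGIN, ch))


def replayed_login() -> bool:
    """A captured valid response is useless a second time: challenge consumed, counter stale."""
    auth, rp = _setup()
    ch = rp.new_challenge(CRED_ID)
    counter, sig = auth.authenticate(CRED_ID, REAL_ORIGIN, ch)
    rp.verify(ch, counter, sig)      # first use succeeds
    return rp.verify(ch, counter, sig)


def trojan_user_agent_login() -> bool:
    """Subverted user-agent reports the true origin, so it obtains a response the real site accepts."""
    auth, rp = _setup()
    ch = rp.new_challenge(CRED_ID)
    return rp.verify(ch, *auth.authenticate(CRED_ID, REAL_ORIGIN, ch))
```

`legitimate_login()` succeeds, `phished_login()` and `replayed_login()` fail, and `trojan_user_agent_login()` succeeds: the binding defends against a wrong origin shown in the address bar, not against malware that controls the user-agent and can ask for a response under the real origin (or simply steal the session cookie afterwards).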