2) imagine you were Bittrex. There's a fraudulent bot which scams users to send ETH to an address which happens to be your account. Why would any scammer put a recipient address into his bot which isn't his? It just doesn't make any sense.
3) did you never wonder why you receive ETH deposits, just like that? If my account started receiving deposits without me sending them, I'd get very wary
If the bot isn't yours, then how would the actual thief get access to the stolen funds?
Do you have 2fa enabled?
I think what the OP is saying, the person who stole the ETH sold it to him on localbitcoin. Not that the address for the scam was his, but funds were moved from the scam address to his own.