I changed my password but when i login to my account in my summery some unkown ip login is in my history after changing my password yet!!
and for 2fa it must work just with one cell phone yes? but I scan my QR-code in bittrex with my second cell phone and the system show the code on second cellphone too !!
so if hacker login to my account he can active 2fa in his cell phone too!! is it correct ?!
and for 2fa it must work just with one cell phone yes? but I scan my QR-code in bittrex with my second cell phone and the system show the code on second cellphone too !!
so if hacker login to my account he can active 2fa in his cell phone too!! is it correct ?!
The safest step to take would be to withdraw all funds from bittrex, and just ditch your account. You'll be able to find the level of service bittrex gives you on other exchanges anyways and since you already know that you have a hacker on your back, it's probably the safest thing to do.
Did you have 2fa enabled when the hacker logged in again? Are you sure it wasn't just you using VPN/Tor with an IP that you didn't recognise?
I don't know if you can add multiple devices as 2fa but to log in, you need code from at least one of the 2fa devices. And the hacker does not have that, so theoretically he doesn't have a chance of logging in.
Last resort, either ditch bittrex, or tell support about the situation and see what they reply with. But first, get your funds out.
