I'm sorry for your loss buddy and hope you can recover from it!
The other day I had a regular Chrome browser open and I wanted to go to Poloniex. When I got to the site I noticed a new tab popped open that redirected to a bunch of sites, one of them being http://piz7ohhujogi.com and then landed in a clone of Poloniex login page. The only difference was the url was something like log-in-....com and not Poloniex!!
I put in fake details and it was immediately "refreshed" to the real Poloniex login page.
My thoughts are, it was a malware doing phishing to my account. and the idea is once i've put in my 2FA they would immediately use it as they already know my user / pass and.. viola! the account is hacked..
I tried Bittrex as well and the same thing happened.. So this was NOT a poloniex issue but a problem with my Chrome browser.
This did not happen in FireFox or chrome incognito. I cleaned my computer and think I solved the problem but I'm VERY cautious now before I log in to any exchange.. ALWAYS check the URL before signing in!
Holy crap... that's one damn tricky malware there. And you'd never be the wiser when it happens to you. Glad you had some keen observation skills and you should totally do a writeup on this experience to warn others. It's a valuable lesson. Upvoting and following. Thanks for the info