Sort:  

posting key I am using to login the account

A very strange situation. In order to withdraw money from you, the hacker must have your active key. He just can't get it. Only if you performed some kind of operation with an active key outside the blockchain.
Try to carefully analyze all your recent actions with keys.

I never used the keys outside steemit. We can say that @warrentto has find some major loopholes in steemit system and he is do this scam with so many accounts still steemit developers doesn't have time to look in that issue.

This is exactly the question that should come first among developers.

There is so many users facing this issue from last 3 years still developers hasn't fixed this issue . I am professional software tester and I know where I have to use which keys. But this issue is not coming from my side. developers and other officials need to see that issue and have to fixed that. I am very disappointed when I saw many users left steemit because of @warrentto stole their sbd and still steemit developers doesn't show interest in fixed this issue

Unfortunately yes. This situation harms the platform and so far I have not seen real steps to fix it either.