They use your account to sell/buy other pairs. Imagine the hacker control two accounts at the same time, one is yours, and the other is his separate account. Let's say you have 4 ETH balance. The hacker open order with your account to sell the ETH at the X price that he already prepares on his other account. Now, let's say he has X coins with low spread and lack of volume. He can use the ETH/X pair to use your ETH to buy his X coins that should not worth any penny (though this is easy to detect).

As for the fees, it's likely going to Kraken. I never use Kraken, but I doubt users could send fees to specific address/other users except for the exchange itself.