Did you mean that it is possible for them to access our account managing to steal cookies from our devices .
... cookies are login authorization and such ... so they can place bets; .. and toast our balance ..
Yes. If they can steal your cookies they can hijack your logged-in session which is already authorised by 2fa.
<...>
that's why besides practicing good internet hygiene (VPN, adblock, avoiding social engineering and phishing, strong passwords, 2fa, etc...) it's a good idea to limit 2fa time on websites and never mark the "trust this device" box some websites (like kucoin) have.
better safe than sorry.