Recently using Bitcoin Core I send BTC to two addresses simultaneously. Transactions look something like below after submit. There are two entries, one with Output index: 2 and one with Output index: 0
That's normal.
The balance of my Bitcoin Core client is also different from what I can see on blockchain.info. The difference is the amount send to the third address. I expect that I will not be able to use my blockchain data anymore because it has my original transaction which is different from the transaction that got added to the public blockchain.
My conclusion now is that the transaction I submitted was changed by someone after I submitted it to the Bitcoin network. This baffles me. Around 20% of the total value of the transaction was skimmed / stolen from me.
How is this possible? How can they change my transaction?
Is it possible to prevent hacks like these? Is the Bitcoin Core client hacked? Is it safe to use?
It is not a hack and it is generally the common behavior over the major wallets. When you spend an unspent output in your address, you're spending the output completely. This means that any value that is in that output has to be spent or else it is recognised as a mining fee. As such, the wallet automatically creates an output in the transaction to spend the remaining funds not used as mining fee into a change address[1]. The change address is hidden in Bitcoin Core by default but you can choose not to use it, at the expense of privacy.
What about the Output index: 2 and one with Output index: 0 ? Could it be that there was also a Output index: 1? For the third address?
That's correct.
[1]
https://en.bitcoin.it/wiki/Change