It sounds like your Azure account may have been compromised. It's important to take immediate action to secure your account and prevent further unauthorized resource creation.
First, you should change your Azure account password as soon as possible. This will prevent the attacker from continuing to access your account.
Next, you should review the suspicious resource groups and determine if they are legitimate or not. If they are not legitimate, you should delete them immediately to prevent further charges.
You should also enable Azure's Multi-Factor Authentication (MFA) for your account, which provides an additional layer of security by requiring a second form of authentication (such as a phone call, text message, or mobile app notification) when signing in to your account.
It's also recommend to use Azure Policy to enforce rules on resources that can be created within your subscription, this will help you to prevent similar issues.
Finally, you should also monitor your Azure account for any unusual activity in the future, and take action immediately if you notice any suspicious behavior.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.