This type of thread comes up every once in awhile lately and it is usually the result of the an insecure instance of openHAB being available on the internet. I forget the exact details (can someone help my memory?) but I think it is opening a port or using the cloud connector with a default password. There is a website that shows open connections.
Do you have your openHAB instance exposed to the internet? If so, how? Does the openHAB administrative user have the default password?
I’ll try to find one of the other threads that discuss this
ok, here is one from last year
here is another with link to website that shows unsecured instances
