The zero-day flaw which is based on the right-to-left override (RLO) Unicode was used by hackers as a backdoor to mine cryptocurrencies. The RLO Unicode is used for coding languages that are often written from right to left such as Hebrew and Arabic. However, the code is also used by hackers to trick unknowing users into downloading malware that might be in the form of images. A hidden Unicode character in the file name was used by the hackers to reverse the file name character order, ensuring the file name was unchanged. Hackers have continuously exploited the vulnerability since March 2017.
Full article:
Telegram Zero-Day Flaw Leads To Hacking
