Vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, like Arabic or Hebrew. The vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine.
Source: https://thehackernews.com/2018/02/hackers-exploit-telegram-messenger-zero.html