Morning News | Boya Interactive plans to invest no more than $70 million to purchase cryptocurrency; WeChat launches official lobster plugin; Bitcoin mining difficulty decreased by 7.76% to 133.79 T

整理：ChainCatcher

Important News:

• WeChat launches official lobster plugin
• Data: Bitcoin mining difficulty reduced by 7.76% to 133.79 T
• Hackers forge Google Play Store page, targeting Brazilian users with cryptocurrency mining and wallet hijacking attacks
• US CFTC clarifies pilot requirements for using crypto assets as collateral: BTC/ETH collateral must meet 20% capital adequacy ratio
• Boyaa Interactive plans to invest no more than $70 million in cryptocurrency to enhance Web3 business layout
• Resolv Labs: The collateral asset pool remains sufficient, with no underlying asset losses reported

What important events occurred in the past 24 hours?

Boyaa Interactive plans to invest no more than $70 million in cryptocurrency to enhance Web3 business layout
According to ChainCatcher, Hong Kong-listed company Boyaa Interactive (00434) announced that its board of directors recommends seeking shareholder approval for a purchase authorization to use idle cash reserves from business operations for potential cryptocurrency purchases within the next 12 months, totaling no more than $70 million.

This move aims to take advantage of the current downturn in the cryptocurrency market to appropriately expand its cryptocurrency allocation and further support the company's Web3 business development. As of the announcement date, the company holds a total of 4,092 bitcoins at an average price of approximately $68,200; 302 ethers at an average price of approximately $1,661; and approximately 7,000,700 Tether coins. The board plans to conduct these cryptocurrency purchases on regulated trading platforms to ensure market liquidity and security.

Bithumb and Upbit issue trading warnings related to stablecoin USR
According to ChainCatcher, South Korean cryptocurrency exchanges Bithumb and Upbit have issued trading warnings related to the stablecoin USR, alerting investors to security issues and severe price fluctuations, urging extra caution when investing in REOLV.
Michael Saylor releases Bitcoin Tracker information again, may disclose increased holdings next week
According to ChainCatcher, Michael Saylor, founder of Bitcoin treasury company Strategy, has released information related to Bitcoin Tracker again, captioning: "The Orange March Continues."

Based on previous patterns, Strategy always discloses information about increased Bitcoin holdings the day after relevant news is released.

Resolv Labs: The collateral asset pool remains sufficient, with no underlying asset losses reported
According to ChainCatcher, Resolv Labs stated on platform X that the security incident involving unauthorized minting of USR tokens is still under investigation, and the collateral asset pool remains fully sufficient with no underlying asset losses reported; the issue seems limited to the issuance mechanism of USR. The team's current priorities include controlling the spread of the incident, assessing potential impacts, and ensuring legitimate users are not affected, while continuing the investigation and disclosing more progress as soon as possible.

Analyst: SIREN token controlling party has accumulated 484.6 million tokens, accounting for 66.5% of total supply

According to ChainCatcher, on-chain analyst Yu Jin monitored that the controlling party of SIREN has consolidated chips previously spread across hundreds of wallets into 48 wallets within the last few hours, involving approximately 484.6 million tokens, accounting for 66.5% of the total supply, currently valued at approximately $1.04 billion.

On-chain data shows that these chips were accumulated at an average price of about $0.045 through hundreds of wallets by the end of June 2025, totaling approximately $21.8 million. SIREN has risen from $0.08 to $2.1 in the past month and a half, an increase of about 26 times; the current unrealized profit on these holdings is about 47 times.

Data: Bitcoin mining difficulty reduced by 7.76% to 133.79 T
According to ChainCatcher, data from Cloverpool shows that as of March 21, 05:54:19 Beijing time, Bitcoin mining difficulty was adjusted at block height 941,472, reduced by 7.76% to 133.79 T, marking the second-largest drop in nearly four and a half years, second only to the 11.16% reduction in early February this year.

Hackers forge Google Play Store page, targeting Brazilian users with cryptocurrency mining and wallet hijacking attacks

According to ChainCatcher, hackers launched an Android malware attack in Brazil through a phishing page mimicking the Google Play Store. Currently, all known victims are located in Brazil.

The attackers set up a phishing website that closely resembles Google Play, luring users to download a counterfeit application named "INSS Reembolso." After installation, the application releases hidden malicious code in stages and directly loads it into memory, leaving no visible files on the device, making it highly covert. One of the core functions of the malware is cryptocurrency mining, with an embedded XMRig mining program compiled for ARM devices, which can silently connect to the attacker's controlled mining server in the background. The program monitors battery level, temperature, and device usage status, dynamically adjusting mining behavior to evade detection, and bypasses Android's background process management mechanism by looping silent audio files.

Some variants also contain banking trojans that can overlay counterfeit pages on the USDT transfer interface of Binance and Trust Wallet, silently replacing the recipient address. Additionally, the malware supports recording, screenshotting, keylogging, and remote locking commands.

WeChat launches official lobster plugin

According to ChainCatcher, Tencent's public account reports that WeChat has officially launched the WeChat "ClawBot" plugin, supporting integration with OpenClaw. Users can scan a code or copy a command to integrate OpenClaw into WeChat. Once connected, users can quickly interact with their "lobster" efficiently through WeChat chat. In addition, Tencent's "Shrimp Workshop" cloud shrimp Lighthouse, self-developed shrimp workbuddy, and local shrimp QClaw are all in place.

Bithumb is pushing for the re-election of current CEO Lee Jae-won to maintain operational continuity and stability

According to ChainCatcher, despite facing a series of controversies and regulatory penalties, South Korea's second-largest cryptocurrency exchange Bithumb is still pushing for the re-election of current CEO Lee Jae-won. Previously, on February 6, 2026, Bithumb experienced a serious operational error during a promotional event, mistakenly distributing approximately 620,000 BTC to users, about 15 times the actual amount held by the trading platform, exposing significant flaws in Bithumb's internal verification, asset management, and ledger systems. The error was discovered and controlled within 35 minutes, and the trading platform froze transactions and withdrawals for 695 affected accounts, claiming to have recovered 99.7% of the misallocated assets, but the incident still caused brief panic in the market.

The Financial Intelligence Unit (FIU) under the South Korean Financial Services Commission imposed several penalties on Bithumb, including a six-month suspension of some operations, a 36.8 billion won (approximately $24 million) anti-money laundering fine, a warning to CEO Lee Jae-won, and a six-month suspension for the reporting officer.

CEO Lee Jae-won's term is set to end this month, and the company plans to hold a regular shareholders' meeting on March 31 to review a proposal to extend his term by another two years. Despite the significant failure and regulatory pressure, Bithumb has chosen to push for re-election to maintain operational continuity and stability rather than undergo a management reshuffle. In similar situations, such as Upbit's CEO transitioning to an advisory role after receiving a warning from the FIU, management often faces greater accountability.

National Internet Emergency Center and others release OpenClaw security usage guidelines
According to ChainCatcher, as reported by Jinshi Data, to help users safely use OpenClaw, the National Internet Emergency Center and the China Cybersecurity Association jointly released OpenClaw security usage guidelines on March 22, aimed at ordinary users, enterprise users, cloud service providers, and technical developers, providing security protection recommendations.

Among the recommendations for ordinary users are: using dedicated devices, virtual machines, or containers to install OpenClaw, ensuring environmental isolation, and avoiding installation on daily office computers; not running OpenClaw with administrator or superuser privileges; not storing or processing private data in the OpenClaw environment; and timely updating to the latest version of OpenClaw. For cloud service providers, recommendations include conducting security assessments and hardening of the basic security layer of cloud hosts; ensuring security protection capability deployment and access; and ensuring supply chain and data security protection.

ResolvLabs stablecoin suspected of vulnerability, USR briefly plummets to $0.257

According to ChainCatcher, on-chain analysts monitored that ResolvLabs stablecoin is suspected of having a vulnerability, and the team has not yet responded. An address minted 50,000,000 USR using 100,000 USDC, causing USR to briefly plummet to $0.257, a drop of 74.2%, currently recovering to $0.7847.
US CFTC clarifies pilot requirements for using crypto assets as collateral: BTC/ETH collateral must meet 20% capital adequacy ratio
According to ChainCatcher, market news indicates that the U.S. Commodity Futures Trading Commission (CFTC) has provided detailed guidance on a pilot project for using crypto assets as collateral. The regulatory agency has notified that futures commission merchants (FCMs) participating in the pilot must submit announcements to market participants, stating the start date for accepting crypto assets as margin. Key points include:

1. Capital requirements: Only Bitcoin, Ethereum, and stablecoins are acceptable as collateral, with BTC/ETH calculated at a 20% capital adequacy ratio and stablecoins at 2%. Futures commission merchants participating in the pilot can only accept Bitcoin, Ethereum, or stablecoins in the first three months;

2. Compliance and reporting obligations: Participating futures commission merchants must promptly report significant cybersecurity or system issues and submit weekly reports on the total amount of crypto assets in customer accounts;

3. Expansion after three months: Other crypto assets may be used as collateral after three months, while some reporting requirements will be terminated;

4. Limited use: Only dedicated payment stablecoins may be deposited into customer segregated accounts for remaining equity; crypto assets cannot be used for unliquidated swap collateral, but eligible tokenized assets may be substituted.

5. Derivatives clearing organization requirements: Clearing organizations that meet CFTC credit, market, and liquidity risk requirements may accept crypto assets and stablecoins as initial margin for cleared transactions.

Hackers forge Google Play Store page, targeting Brazilian users with cryptocurrency mining and wallet hijacking attacks

According to ChainCatcher, hackers launched an Android malware attack in Brazil through a phishing page mimicking the Google Play Store. Currently, all known victims are located in Brazil.

The attackers set up a phishing website that closely resembles Google Play, luring users to download a counterfeit application named "INSS Reembolso." After installation, the application releases hidden malicious code in stages and directly loads it into memory, leaving no visible files on the device, making it highly covert. One of the core functions of the malware is cryptocurrency mining, with an embedded XMRig mining program compiled for ARM devices, which can silently connect to the attacker's controlled mining server in the background. The program monitors battery level, temperature, and device usage status, dynamically adjusting mining behavior to evade detection, and bypasses Android's background process management mechanism by looping silent audio files.

Some variants also contain banking trojans that can overlay counterfeit pages on the USDT transfer interface of Binance and Trust Wallet, silently replacing the recipient address. Additionally, the malware supports recording, screenshotting, keylogging, and remote locking commands.

Meme Popularity Rankings

According to the meme token tracking and analysis platform GMGN, as of March 23, 09:00,

The top five popular ETH tokens in the past 24 hours are: SHIB, LINK, PEPE, UNI, ETHFI

The top five popular Solana tokens in the past 24 hours are: Punch, neet, Buttcoin, Lobstar, testicle

The top five popular Base tokens in the past 24 hours are: PEPE, BASED, B3, SKYA, NATO

What are some interesting articles worth reading in the past 24 hours?

Understanding x402 and MPP: Two paths for Agent payments

Regarding the question of how Agent payments work, x402 and MPP provide two almost opposite paths.

x402 follows a protocol minimization approach: embedding payments directly into HTTP requests to achieve pay-per-request in the simplest way. There are no accounts, no intermediaries, resembling the early open and permissionless design of the internet, suitable for long-tail developers and decentralized scenarios.

MPP, on the other hand, maximizes the system: addressing high-frequency trading, risk control, and fiat currency access issues through sessions, streaming payments, and compliance systems. It does not pursue purity but prioritizes meeting real business needs, making it more suitable for enterprise-level and large-scale applications.

The differences between the two are essentially two solutions to the same problem: whether to make payments a part of the protocol or a layer of the system.

Thus, they are not in complete competition but rather distributed across different ranges, with x402 covering the long-tail needs of open networks and MPP handling high-frequency and commercial traffic. In an Agent economy that has yet to take shape, this differentiation may be inevitable.

The trillion-dollar Agent economy's underlying commercial protocol: Understanding ERC-8183, not just payments, but the future

This article systematically analyzes the technical principles and commercial value of the ERC-8183 protocol from dimensions such as technical architecture, core mechanisms, application scenarios, and ecological collaboration.

When Wall Street's ETH starts to "earn interest": From BlackRock's ETHB, observing the asset attribute shift of Ethereum

On March 12, 2026, Ethereum staking reached a historic moment.

The world's largest asset management company, BlackRock, officially launched a staking yield Ethereum ETF "iShares Staked Ethereum Trust" (ticker: ETHB) on Nasdaq ------ it not only holds spot Ethereum but will also use a significant portion of its assets for on-chain staking and periodically distribute the earnings to investors.

It can be said that after more than a year of market discussion, the launch of ETHB essentially resolves the core issue that has remained unresolved since the introduction of the Ethereum spot ETF: Can ETH be officially accepted as an "interest-earning asset" by the mainstream financial system?

This also marks the formal entry of "Staking," a behavior that once belonged to on-chain native users, into Wall Street's asset allocation framework.