Severity scale:  

Coinhive Miner. How to remove? (Uninstall guide)

removal by Julie Splinters - - | Type: Malware

Coinhive becomes a new goldmine for malware developers

The picture illustrating Coinhive misused for mining cryptocoins

Coinhive Miner is defined as a virus which helps mine Monero or another type of cryptocoins with the assistance of a legitimate tool called Coinhive. The latter functions as a JavaScript library which lets web developers mine cryptocoins on their site. Such privilege depends on the script’s usage of a site visitors’ CPU power. After users found a way to earn money by mining digital coins, they encountered a problem.

However, Coinhive offers a better solution. Web owners can replace the advertisements with the software library and mine cryptocoins by using visitors' CPU speed while they are browsing web owners’ sites.

After users found a way to earn money by mining digital coins, they encountered a problem. Mining process takes a considerable amount of time. In order to speed it up, various tools have been used: from computer processors, video cards up to the ASIC chips specifically designed for this process.[1]

However, since cyber crooks do not always have financial resources to buy such equipment (or simply are unwilling to do so). The very fact that you mine cryptocoins for certain website developers can be infuriating idea enough. Certainly, it might encourage to remove Coinhive Miner of any sorts. Reimage or Malwarebytes Anti Malware might be practical in this situation.

Making use of Coinhive for malicious deeds

The very tool has been released only a while ago, but cyber villains already made a rush to misuse it for their benefit. Placing Coinhive library in hacked sites and fishy browser extensions have become a new trend.[2]

Felons disguise the mentioned script in all possible means and browser extensions are one of them. One of such sample is SafeBrowse. It is likely that fraudsters might plague popular apps, change their source code and corrupt them with the Coinhive Miner. Android users should be especially vigilant as Android OS is still highly vulnerable which encourages the surge of Android virus variations.

Additionally, malware developers create a fake equivalent website based on popular domains, such as This typo domain technique is not new since it was used for infecting users with malware. One of the prominent samples is Amazon-based fake web pages.

Since users often mistype the domain URL address, imagine what profit felons receive after dozens or hundreds of visitor accidentally visit their pages. However, knowing human greed for money, fraudsters already go on the offensive and deceive users into installing Coinhive Miner in the form of different apps and hacked sites.

Tech support scams – another solution to mine cryptocoins

You should also be wary of another old trick – tech support scams[3]. Since some users still have a hard time differentiating between a genuine alert and a fake one, malware developers exploit this time for their benefit.

Now when you get redirected to a website which claims that you have been infected with the Zeus virus and urges you do the suggested action within 5 seconds, you really have to make a rush. Instead of complying with the demands, you have to quickly exit the page since the longer you stay there the more cryptocoins you will mine for the racketeers.

To make matters worse, fraudsters may attempt you to lock you inside these web pages. In that case, you have to shut down the webpage forcefully via the Task Manager.

Lastly, in order to redirect users to the websites with the hidden Coinhive Miner script, crooks also make use of the old technique – adware. This potentially unwanted program, which is designed to modify your browser and direct its traffic to specific sites, happens to be a perfect way.

What is more, this type of browser malware does not only come in the form of an independent app but functions via AutoConfigURL and similar scripts. Ordinary users may not notice its presence until the stream of ads floods their computer screens.

On the other hand despite how inevitable and invincible this new malware strategy might seem, there are ways to detect and perform Coinhive Miner removal or detect another cryptocoin mining script.

Getting rid of Coinhive Miner(s)

With the rise of crypto-currency malware[4], software developers have already taken precautions. There are already a couple of adblocker apps which detect cryptocoin miners. Furthermore, cyber security developers will also try to keep up. You will be expected to update your anti-virus and malware elimination tools once the updates are delivered. In order to escape Coinhive Miner hijack or similar malware, consider these precautions tips:

  • if you get redirected to a tech support scam site suggesting to call a Microsoft specialist via a specific phone number, exit the web page
  • read users’ reviews before downloading a new plug-in or app from the Google Play store
  • reset the browser if you notice redirections to an unwanted site or the emergence of pop-up sites in the background of a browser
  • scan the browser and system with security tools regularly
  • check Task Manager and look for apps which use over 30% of CPU memory resources

Finally, if you suspect that coin-mining malware has settled on your computer, scan the computer with different malware elimination utilities. Doing this procedure in a Safe Mode might be useful as well.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Coinhive Miner you agree to our privacy policy and agreement of use.
do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Coinhive Miner. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
More information about this program can be found in Reimage review.
Press mentions on Reimage

About the author

Julie Splinters - Malware removal specialist

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions