Coinhive Miner (Removal Instructions) - updated Aug 2018

Coinhive Miner Removal Guide

What is Coinhive Miner?

Coinhive virus – malware misusing legitimate services to initiate cryptojacking attacks

The abstract image of malicious Coinhive Miner

Coinhive virus is a crypto miner which is designed to mine Monero cryptocurrency by exploiting the script of legitimate Coinhive services. Note that the developers of this legal website miner are not affiliated with the malware. Criminals who try to infiltrate the code on the site without notifying the user are violating Coinhive's Terms of Use. Likewise, people tend to call this malicious miner as the Coinhive virus.

Bogus crypto miner by Coinhive functions as a JavaScript which aims to utilize the computing power of users who are visiting the website without asking their permission. Likewise, as long as the user is surfing on the page, his/her CPU power is being exploited to mine Monero cryptocurrency.

Initially, the legitimate cryptocurrency miner my Coinhive was developed to help users and websites' owners make an exchange — people allow to utilize their CPU in exchange for ad-free experience during their browsing sessions. Despite how tempting this solution seems, it has become the base of most cryptojacking attacks.

In other terms, after users found a way to earn money by mining digital coins, they encountered a problem. Mining process takes a considerable amount of time. In order to speed it up, various tools have been used: from computer processors, video cards up to the ASIC chips specifically designed for this process.

However, cyber crooks do not always have financial resources to buy such equipment (or simply are unwilling to do so). Likewise, they want to make illegal and quick profits by secretly embedding the Coinhive virus to mine cryptocurrency at the expense of other people's resources.

Users should be aware that long periods of cryptocurrency mining leave no computing resources to complete other processes. Thus, their computers can significantly slow down, start freezing and fail to open or load regular programs. In some rare cases, they can become completely unusable because of the Coinhive miner!

Likewise, we strongly suggest you remove Coinhive virus to protect your computer's well-being. FortectIntego is the perfect choice if you want to do it quickly without putting much effort. Merely download an antivirus and let it scan your computer files to identify and eliminate the infection.

Also, Coinhive virus removal is a must to stop criminals from exploiting legitimate services. Note that as long as you keep visiting malicious websites and giving your CPU power, criminals will keep receiving funds to continue their activity. Thus, do not hesitate and check your system for Monero miner right now.

Most common ways how criminals exploit Coinhive for malicious purpose

Even though the crypto-mining services is still a novelty in the cyberspace, hackers have already used them in several substantial cryptojacking attacks. They try to embed the malicious code on websites where people spend more time to increase their illegal profits.

The illustration of malicious Coinhive MinerCoinhive Miner illegally exploits legitimate JavaScript to mine Monero on numerous websites without permission.

Felons disguise the mentioned script in all possible means and browser extensions are one of them. One of such sample is SafeBrowse. It is likely that fraudsters might plague popular apps, change their source code and corrupt them with the Coinhive Miner. Android users should be especially vigilant as Android OS is still highly vulnerable which encourages the surge of Android virus variations.

Additionally, malware developers create a fake equivalent website based on popular domains, such as This typo domain technique is not new since it was used for infecting users with malware. One of the prominent samples is Amazon-based fake web pages.

Since users often mistype the domain URL address, imagine what profit felons receive after dozens or hundreds of visitor accidentally visit their pages. However, knowing human greed for money, fraudsters already go on the offensive and deceive users into installing Coinhive Miner in the form of different apps and hacked sites.

Hackers take advantage of Tech support scam victims for their own benefit

Despite plenty of information about phishing attacks in tech support scams[1], people still tend to fall for fake messages which are urging to either call the criminals or download so-called security software. Since the new era of blockchains has begun, criminals switched their tactics to mine cryptocurrencies during such attacks.

Now when you get redirected to a website which claims that you have been infected with the Zeus virus and urges you do the suggested action within 5 seconds, you have to make a rush. Instead of complying with the demands, you have to quickly exit the page since the longer you stay there, the more crypto coins you will mine for the racketeers.

To make matters worse, fraudsters may attempt you to lock you inside these web pages. In that case, you have to shut down the webpage forcefully via the Task Manager.

Lastly, in order to redirect users to the websites with the hidden Coinhive Miner script, crooks also make use of the old technique – adware. This potentially unwanted program, which is designed to modify your browser and direct its traffic to specific sites, happens to be a perfect way.

What is more, this type of browser malware does not only come in the form of an independent app but functions via AutoConfigURL and similar scripts. Ordinary users may not notice its presence until the stream of ads floods their computer screens.

On the other hand, despite how inevitable and invincible this new malware strategy might seem, there are ways how to get rid of Coinhive Miner or detect another crypto coin mining script present on your system.

Ways to identify and uninstall Coinhive Miner(s)

Before you try to remove Coinhive virus from the system, note that crooks are relatively fast to develop new cryptojacking techniques. Once malware researchers upgrade antivirus programs to protect inexperienced computer users, hackers do the same with their malware. However,[2] team warns that people should also take precautionary measures by themselves to avoid the infiltration of crypto-currency malware[3]:

  • if you get redirected to a tech support scam site suggesting to call a Microsoft specialist via a specific phone number, exit the web page;
  • read users’ reviews before downloading a new plug-in or app from the Google Play store;
  • reset the browser if you notice redirections to an unwanted site or the emergence of pop-up sites in the background of a browser;
  • scan the browser and system with security tools regularly;
  • check Task Manager and look for apps which use over 30% of CPU memory resources.

Finally, if you suspect that coin-mining malware has settled on your computer, scan the computer with different malware elimination utilities. Try using FortectIntego, SpyHunter 5Combo Cleaner, and Malwarebytes to detect and remove Coinhive miner or other offsprings of this virus.

Note Coinhive miner removal simply depends on the antivirus software you use. If it is robust enough to detect the bogus website and its code, you will be safe. Otherwise, it would be smart to reconsider your security program choices.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

How to prevent from getting malware

Stream videos without limitations, no matter where you are

There are multiple parties that could find out almost anything about you by checking your online activity. While this is highly unlikely, advertisers and tech companies are constantly tracking you online. The first step to privacy should be a secure browser that focuses on tracker reduction to a minimum.

Even if you employ a secure browser, you will not be able to access websites that are restricted due to local government laws or other reasons. In other words, you may not be able to stream Disney+ or US-based Netflix in some countries. To bypass these restrictions, you can employ a powerful Private Internet Access VPN, which provides dedicated servers for torrenting and streaming, not slowing you down in the process.

Data backups are important – recover your lost files

Ransomware is one of the biggest threats to personal data. Once it is executed on a machine, it launches a sophisticated encryption algorithm that locks all your files, although it does not destroy them. The most common misconception is that anti-malware software can return files to their previous states. This is not true, however, and data remains locked after the malicious payload is deleted.

While regular data backups are the only secure method to recover your files after a ransomware attack, tools such as Data Recovery Pro can also be effective and restore at least some of your lost data.

About the author
Julie Splinters
Julie Splinters - Anti-malware specialist

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions

Removal guides in other languages