Once upon a time, a small startup promised website owners a revolutionary way to make money: skip the ads, just let visitors' browsers mine a little cryptocurrency in the background. That startup was Coinhive, and within months it became the most talked-about name in browser-based crypto mining — and one of the most controversial.
What Was Coinhive?
Coinhive was a JavaScript-based crypto mining service launched in September 2017. Instead of relying on banner ads or paywalls, it offered publishers a simple script they could embed on their websites. When a visitor loaded the page, the script would tap into the visitor's CPU to mine Monero (XMR), a privacy-focused cryptocurrency whose mining algorithm was specifically designed to work on ordinary consumer hardware.
The pitch was disarmingly simple: users wouldn't see annoying ads, publishers could earn a passive income, and the whole thing ran in the background. Coinhive took a roughly 30% cut of whatever was mined, and the rest went to the website owner. For a brief moment, it felt like a clever middle ground between intrusive advertising and outright paywalls.
The startup was founded by a group of developers who openly believed that website monetization needed a rethink. They argued that mining a few seconds of CPU time was a fairer trade than tracking users with cookies and ad networks. For a while, the idea gained traction across independent blogs, gaming sites, and even a few experimental news outlets.
How Browser Mining Actually Worked
Under the hood, Coinhive's script used a WebAssembly port of the Cryptonight hashing algorithm — the same one Monero used at the time. The integration was almost absurdly easy: drop a few lines of JavaScript into a page, set a few parameters, and the miner would start working the moment a tab loaded.
Publishers had three main modes they could choose from:
- Always-on mining — the script ran continuously while the page was open.
- Opt-in mining — visitors had to click a button to start the miner, usually in exchange for skipping an ad.
- Shortlink mining — used by file-hosting sites, where users waited a few seconds while their browser mined before getting their download link.
On paper, the opt-in model looked ethical. In practice, it was almost never the version users actually encountered.
The Cryptojacking Craze
The same simplicity that made Coinhive attractive to honest publishers made it irresistible to attackers. Within weeks of launch, security researchers noticed that the script was showing up on compromised WordPress sites, pirated streaming platforms, and even inside browser extensions. This was the birth of cryptojacking — the unauthorized use of someone else's computer to mine crypto.
The numbers were staggering at the peak. In late 2017 and early 2018, Coinhive's miner reportedly accounted for a huge share of all cryptojacking incidents tracked by cybersecurity firms. Users reported fans spinning up, laptops overheating, and battery life collapsing — all because a single rogue script had been quietly running in a hidden browser tab.
The script was brilliant engineering wrapped in a deeply uncomfortable business model.
Browsers and antivirus vendors eventually fought back. Chrome, Firefox, and others began blocking or throttling Coinhive-style miners by default, and most antivirus suites added signatures to flag the script. Coinhive tried to respond with stricter terms of service, banning covert deployments, but the damage to its reputation was already done.
The Monero Connection
The choice of Monero wasn't accidental. Bitcoin mining had long since moved to specialized ASIC hardware, making CPU mining pointless. Monero, by contrast, was deliberately designed to resist that kind of centralization. That made it the perfect coin for browser mining — and, unfortunately, the perfect coin for attackers who wanted to monetize hijacked CPUs without easy traceability.
Why Coinhive Shut Down in 2019
On February 26, 2019, Coinhive announced it was winding down. The official reason: the Monero network had hard-forked in October 2018, and the new algorithm rendered Coinhive's implementation unprofitable. The team said the project was no longer economically viable and gave users until April 30, 2019, to pull their dashboards and remaining balances.
But the real story was more complicated. By the time of the shutdown, Coinhive was already deeply entangled in negative press, malware investigations, and rising regulatory scrutiny. The company was reportedly under investigation in several jurisdictions over how its script was being abused. Even if the hard fork hadn't killed the economics, the reputational damage had made the brand nearly impossible to defend.
Looking back, Coinhive's demise was less about one technical event and more about a slow erosion of trust. The team had built a tool that could have powered a legitimate alternative to advertising, but the open-ended script model simply gave bad actors too easy a path in.
Key Takeaways
Coinhive is one of the most important case studies in the short, chaotic history of crypto. It showed that browser-based mining was technically possible, that users were willing to trade CPU cycles for content in the right circumstances, and that any tool which monetizes unattended computing power will inevitably attract abuse.
ul>Today, CoinHive is mostly remembered as a cautionary tale — proof that even a clever idea can collapse under the weight of how easily it can be weaponized. For anyone building the next generation of crypto-powered tools, the lesson is clear: design for trust first, monetization second.
Zyra