In 2014 Bitcointalk forum user known as thankful_for_today forked the codebase of Bytecoin into the name BitMonero, which is a compound of Bit (as in Bitcoin) and Monero (literally meaning “coin” in Esperanto). The release of BitMonero was very poorly received by the community that initially backed it. Plans to fix and improve Bytecoin with changes to block time, tail emission and block reward had all been ignored, and thankful_for_today simply disappeared from the development scene. A group of users led by Johnny Mnemonic decided that the community should take over the project, and five days later they did while also changing the name to Monero.
Due to its privacy features, Monero experienced rapid growth in market capitalization and transaction volume during the year 2016, faster and bigger than any other cryptocurrency that year. This growth was driven by its uptake in the darknet market, where people used it to buy stolen credit cards, guns, and drugs. Two major darknet markets were shut down in July 2017 by law enforcement. From the beginning, Monero has been used by people holding other cryptocurrencies like Bitcoin to break the link between transactions, with the other cryptocoins first converted to Monero, then after some delay converted back and sent to an address unrelated to those used before.
On January 10, 2017, the privacy of Monero transactions was further strengthened by the adoption of Bitcoin Core developer Gregory Maxwell's algorithm Confidential Transactions, hiding the amounts being transacted, in combination with an improved version of Ring Signatures.
After many online payment platforms shut down access for white nationalists following the Unite the Right rally in 2017, some of them, including Christopher Cantwell and Andrew Auernheimer (“weev”), started using and promoting Monero.
The operators behind the May 2017 global ransomware incident WannaCry converted their proceeds into Monero.
In June, The Shadow Brokers, the group that leaked the code used in WannaCry, started accepting payments in Monero.
Coinhive generated the script as an alternative to advertisements; a website or app could embed it, and use website visitor's CPU to mine the cryptocurrency while the visitor is consuming the content of the webpage, with the site or app owner getting a percentage of the mined coins.
Some websites and apps did this without informing visitors, and some hackers implemented it in way that drained visitors' CPUs. As a result the script was blocked by companies offering ad blocking subscription lists, antivirus services, and antimalware services.
As of May 2018 Monero was led by 7 members, 49 developers and 3 researchers, with the unofficial figurehead of pseudonymous Luigi1111.
In the first half of 2018, Monero was used in 44% of cryptocurrency ransomware attacks.
In July 2018, the Change.org Foundation took advantage of Monero's mining network by creating a screensaver that mines Monero to raise funds.
In November that same year, Bail Bloc released a mobile app that mines Monero to raise funds for low-income defendants who can't otherwise cover their own cash bail.wikipedia