Adding to the excellent comments and advice that you’ve already received…
Due to the system architecture of iOS/iPadOS, unless jailbroken, your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable. For older devices, no longer benefiting from regular security updates, the risk of an unpatched vulnerability being exploited increases.
Be wary of the often repeated myth that Apple devices are immune to malware; those that perpetuate this falacy do not necessarily comprehend the broader threat landscape. Consider that if the myth (and over-generalisation) were true, Apple would not expend considerable resources, as they do, in developing and issuing regular software security updates and patches for its products. If your iPad has been updated to the most recent version of iPadOS (at this time, iPadOS 15.5), your iPad is natively as well protected as is possible.
Delete any Apps that you have installed as a consequence of this incident - then force-restart your iPad to eliminate any potential memory-resident malware processes:
- On an iPad with a Home button: Press and hold the top button and the Home button at the same time. When the Apple logo appears, release both buttons.
- On other iPad models: Press and quickly release the volume up button, press and quickly release the volume down button, then press and hold the top button. When the Apple logo appears, release the button.
As already advised, as a precaution, change critical passwords - especially those used for personal and financial affairs.
Concentrating now on what you can do to reduce your future exposure and potential vulnerability…
The majority of threats to which you will be invariably exposed will surface via web pages or embedded links within email. These browser-based attacks can largely be mitigated by installing a good Content and Ad-blocking product. One of the very best and most respected within the Apple App Store - designed for iPad, iPhone and Mac - is 1Blocker for Safari.
https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024
1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance. All processing takes place on your device - and contrary to expectations, Safari will run faster and more efficiently.
Unwanted content is not simply filtered after download (a technique used by basic/inferior products), but instead undesirable embedded content blocked form download. A further benefit on metered services, such as cellular connections where you data may be capped or chargeable, this not only improves speed but also saves you money. 1Blocker has also recently introduced its new “Firewall” functions - that are explicitly designed to block “trackers”. Being implemented at the network-layer, this additional protection works across all Apps. Recent updates to 1Blocker has introduced additional network extensions, extending protection to other Apps.
A further measure to improve protection is to use a security focussed DNS Service in preference to automatic DNS settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router - and in so doing extends the benefit of this specific protection to other devices on your local network. I recommend using one of the following DNS services - for which IPv4 and IPv6 server addresses are listed:
Quad9 (recommended)
9.9.9.9
149.112.112.112
2620:fe::fe
2620:fe::9
OpenDNS
208.67.222.222
208.67.220.220
2620:0:ccc::2
2620:0:ccd::2
Cloudflare+APNIC
1.1.1.1
1.0.0.1
2606:4700:4700::1111
2606:4700:4700::1001
Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other Content Blocker provides defense in depth.
There are advanced techniques to further “harden” iOS/iPadOS (such as using DoH, DoT and DNSSEC). Apple has recently introduced its new Private Relay to its iCloud+ subscribers - in part employing DoH as an element of this new functionality.
I hope this information and insight proves to be helpful.
