Old iPad Transfer Malware/Virues?

My old iPad Air 2 got infected with malware, perhaps due to Apple no longer supporting it with iOS updates. Anyway, I’m ready to buy new iPad Air 6. My question is does the malware constrain me in transferring my info to the new iPad? AFAIK the malware just blocks internet access.

Threat & Vulnerability

Providing your iPad has been kept up-to-date with system software updates, you should not be unduly concerned for your iPad being directly compromised by malware. Due to the system architecture of iOS/iPadOS, unless jailbroken, your iPad is not susceptible to traditional malware infection per-se. However, as with all computer systems, there are still vulnerabilities and exploits to which you remain vulnerable.

For older devices, no longer benefiting from security updates, the risk of an unpatched vulnerability being exploited increases. Regardless of the installed version of iPadOS, there are useful mitigations that can be used to significantly reduce your exposure to risk.

Be wary of an often repeated myth that Apple devices are immune to malware; those that perpetuate this fallacy, perhaps with good intention, do not necessarily comprehend the broader threat landscape. Apple expend considerable resources in developing and issuing regular software security updates and patches for its products; if the myth had any substance, regular security updates would be unnecessary.

Mitigation

The majority of threats to which you will be exposed surface via web pages or embedded links within email or messaging platforms. Browser-based attacks can be largely mitigated by installing a good Content/Ad-blocking product. One of the most respected within the Apple App Store - designed for Apple devices - is 1Blocker for Safari.

https://apps.apple.com/gb/app/1blocker-for-safari/id1365531024

1Blocker is highly configurable - and crucially does not rely upon an external proxy-service of dubious provenance, often utilised by so-called AntiVirus products intended for iOS/iPadOS. Instead, all processing by 1Blocker takes place on your device - and contrary to expectations, Safari will run faster and more efficiently.

Unwanted content is not simply filtered after download (a technique used by inferior products), but instead undesirable embedded content is blocked. The 1Blocker product creates a ruleset that is actually processed by Safari. 1Blocker has also introduced its new “Firewall” functions - that are explicitly designed to block “trackers” and will augment existing protection built-in to iPadOS. Being implemented at the network-layer, this additional protection works across all Apps. Recent updates to 1Blocker has introduced additional network extensions, extending protection to other Apps.

A further step to improve protection from exploits is to use a security focussed DNS Service in preference to automatic DNS settings. This can either be set on a per-device basis in Settings, or can be set-up on your home Router - and in so doing extends the benefit of this specific protection to other devices on your local network. I suggest using one of the following DNS services - for which IPv4 and IPv6 server addresses are listed:

Quad9 (recommended)

9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9

OpenDNS

208.67.222.222

208.67.220.220

2620:119:35::35

2620:119:53::53

Cloudflare

1.1.1.1

1.0.0.1

2606:4700:4700::1111

2606:4700:4700::1001

Use of the above DNS services will help to shield you from “known bad” websites and URLs - and when used alongside 1Blocker, or other reputable Content Blocker, provides defence in depth.

There are advanced techniques to further “harden” iOS/iPadOS (such as using DoH, DoT and DNSSEC); while fully and effectively supported by iOS/iPadOS, Apple doesn’t expose this capability via device settings - but there are easy ways to access this functionality. Aside from installing a device-profile from a external device-management system, a really easy way to set and manage DoH/DoT settings is to use a third-party utility App - DNSecure:

https://apps.apple.com/app/dnsecure/id1533413232

This App does exactly what is needed to effectively configure DoH/DoT - and is free to download and install. Many DNS providers are already preconfigured - including Quad9 and Cloudflare. Additional secure DNS providers can be added if required.

Apple has recently introduced its new Private Relay to its iCloud+ subscribers - in part employing ODoH (a variant of DoH) as an element of this new functionality. While this feature is principally intended as an aid to privacy as opposed to threat and vulnerability mitigation, it does provide some useful protection where other mitigation measures are not employed. More details of the Private Relay feature can be found here:

About iCloud Private Relay - Apple Support

In summary, there are many mitigations that you can use to better secure your iPad from malware and other potential threats. A good content blocker, combined with secure DNS and other protections offered by iPadOS can reduce your exposure to malicious links, content and threat actors.

officialthomash wrote:

Could malware or viruses running on my old iPad (running ipad os 12. something) transfer viruses or malware to my iPhone 13 (running ios 16.5.1) that I factory reset but linked it to the same apple id as the iPad? Could apps that are installed on both devices for example spotify transfer malware or viruses?

I since have factory reset the ipad because i don’t need it anymore.

Thanks!

The answer is the same as all of your other post regarding this.

If the devices are not jailbroken, you have nothing to worry about. There are no viruses/malware that can be installed on either device.