Q: My iPad is hacked

I'm going with language barrier. But, unless they start answering the necessary questions, I will give up.

Best of luck.

I suspect it is possible to hack an iPad even if the original user did not jailbreak it. It happened to me as far as I can tell with an iPad 3. 

In my case it appears that my routers ((originally a linksys (both stock and flashed with ddwrt) and later an Asus(stock and modified at different points) were compromised to allow remote access.  My main computer (not a mac but a self built triple boot Windows 7/ GNU Linux (various ) / Mac OSX Mountain Lion Hackintosh seemed to constantly get infected with redirects and allowed in users to take over my tower under all three OS's.  I take full blame as far as errors in judgement and poor security on my part led to the condition and have since removed the hackintosh software (although I paid for legitimate verions of Mac an Windows I realize now that the modification to run on non apple hardware is unacceptable).  Anyways... once your routers are compromised all bets are off.

My iPad 3 appeared to be redirecticting and exhibited other signs of unusual behavior (if anyone cares I will explain "unusual" to their hearts content).  When I would copy and paste the addresses in the URL bar I would get all kinds of HTLM language and some unix terminal commands thrown in at times (including references to root and hidden file paths (denoted by being prefaced by a ".") .  I eventually jailbroke the iPad myself and in the config files using iFile I found a ton of redirects and other nasties.  Although this may of been caused by the jailbreak itself, I found in the network config file that my iPad was connecting to a PAN network that i suspect was set up by my hacked ( meaning jailbroken by someone other than myself) iPhone 5.  Also, when i edited the network config file by what I thought was cleverly changing the it (honestly I don't remember whether it was config or plist at this point), from a 0 to a 1 next to Bluetooth PAN, my iPad kept notifing me it coud not connect to PAN even though it was disabled in the graphical settings already.  When it next powered down it would not reboot and I had to eventually restore it with iTunes to what I hope is factory from a Library computer.

I had noticed my wife (using an iPhone 4 32 GB) and myself were constantly going over on our data usage for our family plan and suspected something was amiss but I could not figure it out.  She finally would turn off her data and I was only by this point looking at security related information over the Verizon cell network (reading web pages and such, no streaming of music or videos).  I think now than when I would connect to my computers (mainly my tower but also infected dell, hp and two  2009 and one 2010 macbooks), the attackers (or more likely their scripts) at somepoint jailbroke the iphones and ipad 3.  My computers were linking over Bluetooth to my phones.  Crazy stuff and I know it sounds far fetched but it was happening.

I have since bought a new lte 2013 macbook pro and two new iPhones (a S and a C).  Also bought a new hp laptop and have turned off my home internet connection temporarily.  Hoping to find that by getting my old infected systems out of the house that i can reset and verify that my iPad 3 and my two iPods (my daughters') are clean ((the ipods not the daughters)(maybe the iPod's already are but I am a bit paranoid by this point).

My concern is that I found my previous tower and the laptops (the pc's at least and I suspect the Macbooks but am uncertain if it is possible in their case), had raid configurations and seemed to be PXE booting from a local host.  Not sure about how they were cross infecting  (suspect mainly Bluetooth PAN network) but I know my bioses (is that the right term for BIOS plural) were hacked as some settings were not standard and some regular options were unavailable of woud seem to reset themselves.  Also concerned by the number of CMOS like chips (mainly Etrontech) I am finding in my systems.  I know they make USB 3 controllers but I have them on a large number of my hard drive controller boards.  Still trying to figure out if these can be hacked as they have persistent memory capabilities.  Will figure it eventually.

Anyways, my basic point here, and I suspect I will be either labelled a troll or a lunatic, is that even my macbooks were hacked.  Along with my iPad 3 and 2 iPhones (still uncertain as to the iPods).  I have been reading web sites for over a year now and I just think that there is often a diservice done when people just dismiss the idea that iOS and OSX can get hacked.  Read an excerpt from a Blackhat that once they get your router, "You're owned".

Thanks to Meg_St._Clair for at least considering the possibility that the poster is serious.  At times it appears that other people in these forums with 1000+ posts simply flame us poor idiots that get ourseves into  these predicaments as delusional.  They do a great disservice to people who seriouly need help. 

I will keep working at it.  Next is to get a new airport router and reconnect home internet service with a new comcast leased modem I think.  Bought Apple care on the new Macbook so I can talk til my hearts content to the professionals if I slip up and my new Macbook Pro starts misbehaving.  Will keep taking classes in networking and programming at the local community college.  Bad back so nothing but time to figure this mess out.  Will figure out what my guest hackers were up to at some point as I have pleanty of hard drives and other equiptment stashed at multiple locations to analyze once I figure out how all this stuff works. 

Good times...and if my wonderful network guests read this (I somehow suspect they just might), thanks for the entertainment.  Hope you are all amused.  I've got nothing but time.

Cheers!

chasing.rabbits wrote:

 

I suspect it is possible to hack an iPad even if the original user did not jailbreak it. It happened to me as far as I can tell with an iPad 3. 

No, actually, it's not. Having your router hacked is a whole different thing. Certainly no fun but it does't mean that your iOS devices were compromised. It does sound as if you're taking the appropriate steps to resolved the issue.

Best of luck.

Hi Meg St._Clair,

Just looking to pick your brain a bit.  From what I had been reading it appeared that a few proof of concept reports were saying it was possible but that iOS updates had since fixed the issue.  Again, I will defer to almost anyone who knows better as I am a bit of a noob at these things.

What I was wondering was if there was any sort of scan that can be run (I am comfotable enough with terminal and can get root when necessary) to verify an installed system's (for iOS and/or OSX)  integrety.  Driving myself nuts trying to get everything cleaned up beyond a reasonable doubt.  Will start a new topic if its preferable.

Currently trying to get rid of a remote disk that is showing on my new MBP and the dragging off while holding command key is not removing it.  May be normal but with my circumstances is aggravating.  I should most likely just take up needle point and leave computers alone at this point.

Thanks and Cheers.

chasing.rabbits wrote:

 

What I was wondering was if there was any sort of scan that can be run (I am comfotable enough with terminal and can get root when necessary) to verify an installed system's (for iOS and/or OSX)  integrety.  Driving myself nuts trying to get everything cleaned up beyond a reasonable doubt.  Will start a new topic if its preferable.

If you haven't jailbroken your iOS device, there's nothing to worry about. The Mac OS is pretty secure but you should probably start a new thread in the relevant Mac forum. There are a number of very good people over there who can direct you far better than I.

Best of luck.

I believe my iPad 2 is hacked also.  I literally lost control of it with it rapidly moving through programs and screens without me touching it one night.  Also, I was on a secure wifi signal and my iPad is not Jailbroken. 

Now it is frozen despite numerous efforts to restore and recover.  It will go days frozen and then I'll try a hard shutdown and it will randomly work for a few hours and then freeze up again.  It was frozen when I installed the recent update last week and then started to work.  I figured it needed the upgrade but it froze again yesterday and despite 3 attempts to recover over the past 24 hours it's still frozen.

I don't believe it's a hardware/screen issue but a software one as it keeps coming back and operates completely normally until it freezes, usually if it's been left on overnight or for a few hours as was the case yesterday in sleep mode.

It's only 2 years old and I don't think I will buy another iPad as much as I loved this thing if this is what happens with only a one year warranty to support and I end up with a $600 paper weight.

Evern if it is not under warranty, you can still take it into an Apple Store for troubleshooting and diagnoses.

What do you mean by "attempts to recover"? What steps did you take?

How about my ipad 4 randomly asking for verification? Except it's not using my email address, it's using c*****@qq.com. I have tried restoring through iTunes, but stops after language, country and wifi connection. Always goes back to asking me to put in the apple ID associated with that bogus email address. NOTE: not my apple ID that was hacked, because we can get into all of our other devices and have had no issued there.

There are numerous reports on the same subject. The only solution is bringing the iPad to an Apple Store, and showing proof of purchase (a receipt).

My iPad is linked an Apple ID I don't know

And therein lies the problem. I bought the ipad through Apple several years ago, but apparently Apple only keeps purchase info for 18 months. However, the serial number is registered to us in Apple's system, so I'm hoping that will be enough to get it unlocked. Normally I only keep receipts til the manufacturer's warranty runs out - this is the first time I've ever needed one so long after buying something. Learned a lesson on that one. Thanks.

Hello chasure,

If you can get into your iPad, you should check Settings>General>Profile for some tricky stuff. If there's something there you shpuld delete it. Good luck.

Unfortunately I can't get that far. I get to language, country and wifi before it stops me with that email thing.