Glad you were able to get back up and running without any big problems. Frustrating lesson learned. Sometimes, we all get a little lax with some things and can quickly found ourselves in a similar predicament.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
All iPads Virus on iPad
- Thread starter DiamondarBoss
- Start date
- Sort by reaction score
I have seen a "hacked" iPad mini (1st generation) before on YouTube, but I can no longer find the video.
Yep! After a evening of Resetting all my Apple Devices and setting them up again, it’s all gone. Hopefully it stays that way.
1. iPad and iPhone can not get virus, unless you jailbreak it. a loophole on iOS can usually worth ~$100,000+, often reaches $1million. it's just not worth it to 'hack' your iPad.
2. you'll need to post the entire path to those files, but they look to me just like some website files. are you using any 'web apps'? are your apps all from App Store? if all your apps are from the App Store I won't worry too much.
3. most commonly used way to achieve something like a 'virus' on iPad, iPhone or even Macs are by tricking you to install their profile. only with their profile installed can someone do something to your device without your input.
4. for iPhone and iPad, you can always wipe it clean. if you wipe it and the problem is still there, and your device is still under warranty, congratulations you'll likely get a new device if you bring it to apple.
2. you'll need to post the entire path to those files, but they look to me just like some website files. are you using any 'web apps'? are your apps all from App Store? if all your apps are from the App Store I won't worry too much.
3. most commonly used way to achieve something like a 'virus' on iPad, iPhone or even Macs are by tricking you to install their profile. only with their profile installed can someone do something to your device without your input.
4. for iPhone and iPad, you can always wipe it clean. if you wipe it and the problem is still there, and your device is still under warranty, congratulations you'll likely get a new device if you bring it to apple.
these files are linked to browser extensions, they are adware on desktop, but iPadOS does not support extensions so there is no risk, you could just delete them, a reset wasn't necessary...
just for the protocol: per se manifest.json files are not malware. They are used to allow offline storage of progressive web apps and pin them for example to the home screen (see Digitalguy comment above). Safari does not fully support this at the moment (e.g. example here), so these files might be downloaded. Presumably you find all of them inside On My iPad->Downloads. Best to my knowledge deleting them is just sufficient.
Last edited:
Just to clear the air, lets get an idea what a .json file is, or is meant to be. Apparently it's related to Javascript.
Javascript is not Java, but a language all its own.
The existence of the files is not necessarily dangerous, if no apps use them. But their continued existence on a 'contaminated' device could pose a threat to the security and functioning of that device inn the future. Getting rid of them is not an overreaction, but a proactive step against a future app installation to potentially read/interpret those files. It's weird to see such an attack on a rom based device, but apparently the loader script can't tell the difference between a 'computer', and a 'tablet' loading its payload on all devices, and the iPad's local storage makes it just as vulnerable. The Apple ecosystem also seems to provide a new novel way for infections to spread amongst a users many devices. We should all be aware of the potential for that service to be exploited in the future, and hope that Apple has enough safeguards to protect us.
Carry on...
Javascript is not Java, but a language all its own.
The existence of the files is not necessarily dangerous, if no apps use them. But their continued existence on a 'contaminated' device could pose a threat to the security and functioning of that device inn the future. Getting rid of them is not an overreaction, but a proactive step against a future app installation to potentially read/interpret those files. It's weird to see such an attack on a rom based device, but apparently the loader script can't tell the difference between a 'computer', and a 'tablet' loading its payload on all devices, and the iPad's local storage makes it just as vulnerable. The Apple ecosystem also seems to provide a new novel way for infections to spread amongst a users many devices. We should all be aware of the potential for that service to be exploited in the future, and hope that Apple has enough safeguards to protect us.
Carry on...
they can't tell the difference because the device appears as a Mac, not as an iPad, since IpadOS 13. Again this is not malware/adware that can do anything on iPadOS, other that wasting space
Well that’s good to know. I still reset my iPad though, just to be safe and to have that Peace of Mind.
yeah, why not if you had no important stuff that could be lost by resetting. Anyway, at this point IOS and iPadOS are the safest OSs on earth... since they are the only ones that are virtually completely sealed (other than, as someone mentioned, if you install a profile, but that is not something any webpage or app can do on its own, you have to install it yourself...)
As you stated this is not dangerous (JavaScript) if no app uses them - so why choose to use ‘pose as a threat’ and ‘such an attack’ as decription related to JavaScript?
The iPadOS is smart enough not to execute this code - and most likely IS legitimate code from the inbound iMessage/Email that our OP received. Since Safari, Chrome, Firefox, Edge, or any other iPadOS compatible browser has natively sourced/opened the files - there shouldn’t be a need to spread any FUD (as I quoted above).
Files downloaded are usually saved in the iCloud download location and sync’d hence why our OP found them also via his/her iPhone.
- Just delete the main folder they’re in or group select and place them into a folder and purge that folder. Wait a few minutes for the sync to occur, delete the source message as well prior to purging the folder with grouped .json files and done.
Wiping and restoring from backup is a very slow shotgun solution I’d personally save for last resort. I‘m sure someone mentioned to delete them and I read ‘trying’ yet not sure if that was too tedious or non-successful - I may have missed it if our OP actually stated either or if that was completed prior to wiping and restoring from iCloud backup.
Oh well, at least it‘s resolved.
Well, I resetted them both just for the peace of mind. That way, I know everything is deleted.
The resetting/setting up process only took about 30-45 minutes for everything to go back to how it was. Yes, I lost my LumaFusion Editing Projects and progress in a few games, but I’m fine with that.
The most annoying part of this whole ordeal was trying to redo my home screen, lol.
Oh man I hear ya. Home Screen editing on iPad is a ruthless pain. I really hope the next update allows mirroring of setup with iOS for the same iCloud account.
Ikr! I had to also reset my iPhone. It was worse on iPhone because of the smaller screen!
General definitive Statements like that in 2021 are silly. While the average user is pretty well protected, the higher up one is on the food chain in society state sponsored attacks become the concern.
If you can point me to any iOS viruses in the wild that are a risk to any of us, I will be glad to amend my post. I don't believe I said anything inaccurate. If the OP had spoken about Malware concerns, my reply would have been different.
Last edited:
Microsoft had something similar with Windows 8, but that was removed for unknown reasons I believe.
Go to Settings, Calendar, and look at Accounts how many accounts are there ? Should only be 1.
I remember the horror when I discovered my IIcx was infected with the Scores virus. Not a very dangerous infection, but still...
Saying the iPad and iOS are immune from virus infections is just nuts. Everything has flaws. As the operating systems have gotten more complex, they have left flaws that only require someone to locate them to exploit them. Apple giving away the hackable iPhones was a great idea to help them identify flaws that could allow for the mass variety of infections. And not all of the possible infections involve loss of data. Imagine a virus that fills the trash with huge yet empty files, or siphons off clock cycles to make the devices unusable, or tweaks notifications, or a whole host of things, and not all of them being readily apparent. Heck, Symantec Enterprise Antivirus from a few years ago is something I'd classify as a virus itself! The log files would gradually get so large they would crash servers, filling all available space. Ironic, huh. Even setting limits on the file sizes didn't work. Yikes...
Saying the iPad and iOS are immune from virus infections is just nuts. Everything has flaws. As the operating systems have gotten more complex, they have left flaws that only require someone to locate them to exploit them. Apple giving away the hackable iPhones was a great idea to help them identify flaws that could allow for the mass variety of infections. And not all of the possible infections involve loss of data. Imagine a virus that fills the trash with huge yet empty files, or siphons off clock cycles to make the devices unusable, or tweaks notifications, or a whole host of things, and not all of them being readily apparent. Heck, Symantec Enterprise Antivirus from a few years ago is something I'd classify as a virus itself! The log files would gradually get so large they would crash servers, filling all available space. Ironic, huh. Even setting limits on the file sizes didn't work. Yikes...
this is in public by private teams...
Bug Bounty Hunters Earn $1.2 Million at Chinese Hacking Competition
Bug bounty hunters have earned a total of over $1.2 million at a major Chinese hacking competition, including $180,000 for iPhone exploits and $100,000 for Chrome exploits
You moved the goalpost.this is in public by private teams...
Bug Bounty Hunters Earn $1.2 Million at Chinese Hacking Competition
Bug bounty hunters have earned a total of over $1.2 million at a major Chinese hacking competition, including $180,000 for iPhone exploits and $100,000 for Chrome exploitswww.securityweek.com
The OP was concerned about having been infected with a virus. I correctly stated there are no iOS viruses in the wild. The OP didn't ask about Malware nor did he express concern about being hacked. If he had expressed concern for the latter, I would have made a different comment.
I have not provided any misinformation in the thread. I challenged you to correct me with fact and you can't. Linking to the article you did has nothing to do with what I stated and the OP's concern. A bug bounty is oranges compared to the Apple subject.
You were wrong to chide me and make it look like I gave inappropriate advice.
Last edited:
Guys, the problem is resolved. There is no reason to be childishly arguing. I appreciate everyone’s help regarding this subject.