HELP: I think my iPad was hacked overnight ** pls help :(

hey everybody

i went on vacation to my father's beach house and brought my ipad, i am very very careful about all personal information and security...

he has a comcast connection and had a secure WEP password, it was a comcast three in one, phone, tv and internet router

anyways last night, i put the ipad into sleep mode at 1am (which i do all the time at home, never had a problem), locked the doors to the house and went to bed with the ipad in the night stand drawer next to my bed. only my wife and i were in the house...all week.

i wake up this morning and turn on my 64gb/3G 1st gen ipad (running 4.3) at 11am. i entered my 4 DIGIT PASSCODE to unlock the ipad and i click the safari app in the dock and 9 pages of history automatically opened up to sites i had never been to. so then i checked safari history and there were about 150 web pages visited, most notable, amazon.com

so freaking out, i check my email and sadly someone had ordered around $8,373.00 through my amazon.com account... they ordered android tablets, macbook pros, videos, cameras, kindles, etc. with everything shipped to my home address. the confirmation emails started coming from amazon at 8:15am-10:45am, just before i checked the iPad at 11am.

how could this happen? has anyone had an experience like this? or know what i am talking about?

i then drove immediately to my cousins house 2 miles away and changed all my passwords to EVERYTHING on my cousins hard-wired laptop NOT my ipad that was compromised....i also notified all 3 credit bureaus and put a fraud alert on my wifes and my social security numbers .... that they would have to call me before opening new credit cards, etc.

i then called the police and had them come out and note the incident, i changed all banking passwords, canceled my credit cards, revoked all bunk amazon charges and changed my password to changed my ebay, paypal, facebook, etc...

******** here's the kicker... Apple iPad Applecare rep said it had to be a close job ... someone had to get within 50-100 feet of comcast router and do it from there...

********SO RIGHT AS MY WIFE AND I LEAVE --- this kid walks down our barren vacation road, with a PC laptop OPEN in his hands, looking at it ....i asked what he was doing and he said going to his grandparents to use the internet, i said why is your laptop open, if you are just carrying it ??? and did he know that my router was broken into and my accounts hacked?? he looked young.

he acted so suspicious, so i called the police on him, he was walking around the neighborhood with the laptop open going up to houses and in back of them..... the police said his parents claimed he was going to his grandparents to use the internet, he was a minor... this is SOOO SUSPICIOUS!!!!

could he have hacked my ipad this morning??? from walking up to houses?? i mean 9 ipad windows were open...my passcode was bypassed and $8300 was ordered from my amazon.com account.

i left vacation and drove 2 hours home immediately after, i stopped by the genius bar at the Apple Store tonight and they ran diagnostics and looked at me like i was crazy... they had never heard of what i said before .....

they said i had really "low memory" cause there were a ton of Apps running... but when the genius double clicked my home tab, only weather.com, safari and mail were open. why was this??? were there Apps running in the background? could someone put a hidden App on my ipad?? my ipad is not jailbroken... could i test it somehow to see if it was??

I REALLY NEED YOUR HELP!! Apple Genius and Apple ipad Support and Care tossed me out like a wet towel.. said i could do whatever and that the Comcast network was probably compromised ... Comcast in turn is blaming Apple, that i probably downloaded an unsafe App months ago that had a keylogger on it and they waiting 6 months to nail all my accounts...

what should i do? is there anything you can think of??? i have not connected the iPad to my 3G network from AT&T nor my home WIFI... i also deleted about 30 apps i don't use in casae they had a keylogger, but i didnt think ipad had a keylogger unless it was jailbroken, mine is not.

or do you think my ipad was keylogged??? what apps could do this?? i got rid of Skype, Spotify, cause it sent my a security / virus email.... im so upset and dont know where to begin, any help would be MUCH MUCH appreciated and good karma comes back 10X fold... any ideas or anything would help.

i have to go to bed after this tragic long 13 hour miserable day ....

thanks for your help, smitt

thank you to everybody who replied, i am not a troll at all, ive been on here since 2008... read my past posts,

i am still scared and super paranoid now, one type i made was that the amazon amount was 8300, it was actually 4300, i was typing in a rush... so thats why i think the cc company didnt contact me, cause it was under 5000

so do you guys think it was my dads vacation house router that was hacked? or all along could it have been my home wifi network, with someone just accruing information and then when i went on vacation, they stuck??

thank you everyone so much again, any more info you have would be greatly appreciated....hopefully if this thread stays topped, somebody might have seen this scenario before, thanks guys - smitt

NoStopN said:

If the iPad was physically turned off while he was sleeping, then the iPad wasn't on the network & couldn't be hacked. Someone may well have been able to get onto the router network, but they would have only been able to surf on their own computer (unless they physically came into the house & used the iPad).

On a separate note, the kid could have been learning hacking the hard (& stupid) way. I mean, Comex (who does most of the iOS JBs) was in an article last week that said he was 19.

Click to expand...

thanks nostopn,

my ipad was actually in sleep mode, but i did have a passcode with 4 digits set... if it was in sleep mode, could somebody have used it over the router??

i have used apple products for more than 20 years and NEVER seen anything like this, i felt so violated... i mean 9 browser windows were open on my safari on the ipad and it had 150+ pages of sites i never visited...and emails back to me from amazon.com

if it didnt happen to me personally like this, i would have a hard time believing this story too... but i dont know what to do now??

1) should i wipe the ipad and all my data in the apps?? is there some invisible app running and hogging all the memory?

2) should i just let it go cause it was a WIFI break in on my dads router, 2 hours away from my home??

im scared to even turn it on my WIFI network at home, out of fear that they could access my network once it is turned on and out of airplane mode...

OR... could they have broken into my home network a long time ago, been watching me, and knew i was going on vacation and tried to strike while they thought i was away???

with the 9 safari windows open and an email stuck in my wifes mail outbox, i tend to beliebe it had something to do with the vacation house router...

thank you all so much for helping already, smitt

also, if they didnt have physical access to the device, and couldnt get throught the passcode, how did those 9 browser windows open up??

could it have something to do with the find my ipad app from apple??

i dont know, im just shooting in the dark here.

i also got rid of spotify premium, cause it let me download tracks while i was offline to keep on my ipad and play when i was out of wifi or 3g streaming distance.... you would have thought you would hear about this then over the internet or news...

i also deleted pocketcloud app

and skype for ipad which i downloaded last week, and skype for iphone --it was sending me a weird number that was calling me (yes i have a skype phone number) on tues night and then a virus email voicemail notification thurs night (last night, when i got home),

i also downloaded an app on the vacation wifi network from itunes.. on the router that seemed to be compromised..

... sorry if im rambling, i just want to get this taken care of !!!

NoStopN said:

I just skimmed back over some parts of your first post. I don't think that iPad apps have keyloggers. If they do, there should be a way for people downloading the apps to be made aware of that. I also thought I read where you are not on vacation any longer, so having access to your dad's router is out. If you are still at his place & have access to the router settings, I'd advise doing that & changing settings on your home router as well. You can't be too safe. If your dad uses his router while he's away (for remote access), call him & inform him of the changes that you made. Otherwise, just leave a note with that info on it.

Click to expand...

thanks nostopn

i am at home and not at my dads vacation house... i have a generic westell router at home from verizon DSL, can i make those changes on this router here at home that you suggested, i am very new to this... are those the ones munkery posted in this thread?? and yes, if i wasnt scared crapless right now i would be laughing very hard at the binging on coke and blacking out on amazon... because trust me, i wondered if i blacked out too and sleepwalked and did this at amazon...

Blaine said:

Were the items bought stuff that you'd buy for yourself? Also do you take ambien or other sleep meds? They can make you basically "sleep walk" and not remember a thing the next morning.

I am sooooo not accusing you of anything, but am just throwing out ideas.

I used to take ambien, and at least once, I remember buying a high ticket item while on it, and then just barely remembering it the next morning. I ran to check my email, and sure enough, I had ordered it. Thankfully, I was able to cancel the order before it shipped.

Click to expand...

no they ordered an android tablet - im an apple guy would never order that

they ordered 2 - 13 inch macbooks pros, i dont need those, i have computers

they ordered a kindle, we already have one, so i would never re-order that

thanks for trying to help, trust me, i even wondered these weird questions too

NoStopN said:

Is the Verizon router separate from the modem, or do you have one "box" that does it all? If you have a computer that connects to the wifi router, then it should have made you set up a home network. You may remember when. You first got the service that you had to do some things related to getting each wifi device to access that network. If Verizon handled everything, then you should call them & see if there is a way to get the info on how to change the login & password info. If they can be of no help & you never had to set anything up to get your home wifi running, then it's time to get your own modem & router. There are also aftermarket models that do both jobs. This would allow you to control all of that information & allow you to change it when you need to.

As for the browser being open to 9 pages, that could have possibly happened if someone else was on the router. I think someone could have used a VPN to access the network & possibly the iPad. I've heard about people using VPNs to forward stuff from their PC to the iPad, but I'm not 100% sure how a VPN interacts in those situations. I could be completely wrong about that. But, if they just wanted to surf, then why would they bother to try to access your iPad? Why try to go through your passcode? These are the things that make the story harder to believe. It's been said that jailbroken iDevices are "more susceptible" to being hacked that non-jailbroken ones. Has your iPad ever been jailbroken? And, if you can take care of changing the login/password settings of your home network, then just change that info in the iPad & fear no more.

Also, I have heard in the past that Skype has had problems with security on mobile devices. I don't know why I was in such a hurry to download it when it became available for the iPad because I don't have an account. As for the app which you downloaded while on vacation, it is most likely fine. Apps can't be broken into too easily. As for the piece of mail stuck in the outbox, you could always stop by a McDonalds or Starbucks & hook onto their wifi for a few minutes so that it gets sent. Other than changing passwords for your accounts (banks, Facebook, tv streaming apps), all of the other apps should be fine.

Click to expand...

thank you so so so so much!

verizon gave me the all in one westell wireless modem?? that connects to my dsl line, i remember setting up the network with them and their instructions...

i will give them a call today - i also believe maybe the kid did something with VPN.... the AppleCare guy said if he was accessing our wifi at the vacation home, my ipad might have picked up some of the pages he was browsing if it was in sleep mode.... maybe that's what happened?

regardless i changed everything, all passwords, from a separate laptop on my cousins secure network... hopefully this will work for now, i really really dont want to wipe the ipad, but i dont want to be a sitting duck, unaware of what is going on if it could be something in the ipad...

thank you so much -- honestly all of this DID happen... i would never make it up, im an apple freak who loves apple stuff and usually know whats going on... i dont use PCs and i really really really appreciate all your guys help and time !!!

any other advice or tips, pls post them in this thread, ill owe you guys one for helping me so much smitt

munkery said:

Hacking an iOS device requires an exploit for a local privilege escalation vulnerability. This is required to enable bypassing DAC and the sandbox.

The following is a list of past incidences of this type of vulnerability in iOS.

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Apple+iOS+gain+privileges

Two of the items in that list were found by Comex. It took 10 months to develop the second exploit.

Why would someone with that level of skill risk exposing their exploit for crime when they can make more via prizes from a hacking contest, such as pwn2own, or via donations received by releasing a jailbreak?

I doubt your iPad was hacked.

Also, a VPN is not a reasonable explanation for the pages in your history.

Click to expand...

thanks munkery...

that is exactly what is boggling me to... how did those 9 pages open in my ipad safari window... unless someone came in and used it?? but everything in the house was locked. so thanks, im glad my ipad was not hacked.

and i also was confused how someone breaking into the comcast router/modem could cause 9 pages of history on my ipad.

the AppleCare iPad support guy said that if somebody hacked my comcast router/modem and my ipad was connected, but in sleep mode, it might have opened those pages 9 open windows and a history of about 150 pages...

thanks for helping me you guys - i have never ever seen anything like this before, i freaked out so badly when i opened my ipad yesterday morning and saw all of this....

* question... Could my iMac (that i use itunes on at work to sync my ipad) be compromised with a keylogger??? and then have it spread to the ipad when i was syncing it?? is there any way to look for a keylogger on my iMac??

thanks again, you guys are awesome and really helping me out
smitt

xjosh said:

I think you are a troll.

Click to expand...

josh, why would you say that? ive been on the boards since 2008, check my history and threads.. they are all apple questions or comments. all im trying to do is figure out what happened to my ipad, im really sorry that you think im a troll, but that is the farthest thing away from the truth, i hope you can understand that. i am a good guy, always have been, always will, what benefit would i get out of this if i was a troll?? seriously.