Lately I occasionally get redirected to other websites when I load some news websites.
It could be a banner redirect I guess, but I suspect something more sinister.
The iPad is NOT jailbroken and runs the latest iOS 5
Last three incidents were
- clicking a link in an email from linkedIn which linked to an article on Forbes.com. When the article loaded, it was replaced (or a link popped up in a new window – not sure now) with a site that was surely not a forbes advertiser.
- using the twitter app, I clicked a tweet from spitsnieuws.nl, it opened a pane inside the twitter app with the article, once it had loaded, it was replaced with a site surely not a spitsnieuws advertiser.
- this URL got replaced after load. So I'm pretty sure it is an ad server issue
http://www.java-forums.org/java-applets/30447-java-print-service-applets-ie.html - another URL http://www.dailymail.co.uk/news/article-2168061/French-electrician-stranded-Moroccan-desert-rebuilt-wrecked-car-motorbike-drove-civilisation.html
I can only imagine both situations were safari or embedded safari, but I do not know how the official twitter app loads web pages into its own pane
Googling for malware on iPad has so far turned up nothing.
Suggestions? I can of course revert to factory default, but it would be useful to know what I had encountered.
Looking at the dsn settings, they start with 10. so local to my network – none of my other devices (iPad3, iPhone4/4S, iMac, macBook (yes, I'm a fanboy) ) on the same network shows this behaviour.
For now I have cleared cookies and application data. I will try to reproduce.
Best Answer
I have not heard of any exploit that would produce this behaviour.
The fact that the pages DO load, and only switch to another page AFTER they have loaded, indicates to me that the problem lies within the page itself. For instance some "evil" Javascript is inserted into the page causing it to redirect.
If the problem was in the OS, for instance messing with DNS, I would expect that you would never be able to reach the page and you would immediately be getting the "evil" page.
Ad networks have often been used for this kind of abuse because there are many parties providing content for ads, so it is hard to check everything that goes on. I would think that an evil advertisement is much more likely to be the cause of this problem than any malware on your iOS device.
You could try using your iPad via proxy and monitor the traffic that comes through. You could set your computer to share its internet connection over Wifi, and run a html proxy on your computer. And then look in the transferred code to see if you can identify the cause of the redirects.