Fake Trusteer Rapport application is related to malicious websites set up as command-and-control servers for several Zeus/Zbot botnets. The server-side Zeus application checks for the User-Agent string of the requests and delivers the malicious payload based on the browser type. Kaspersky Labs is the next target after the Trusteer toolkit and Andr/SMSRep-B. The malware attempts to get the unique device id number and transform it into an activation code The fake activation code is then displayed in a standard Android view.”]
Source: https://nakedsecurity.sophos.com/2011/07/14/zeus-for-android-update/