The links are in the form of:
hxxp://geqe.net/opera_mini/1965/opera_mini.auto#phpsessid=85cfe7f19a08b6387d0441a9d949bb95
Each has a different phpsessid value. The domain was registered last month (02/12/2012) and does not seem to host any legitimate content.
These pages redirect to another domain, mskmarkets.ru (hxxp://mskmarkets.ru/l.php?l=o4&r=2695&a=29#phpsessid=afe9720a74a56800a2bd682b171e9914) where users are warned in Russian that their browser is out of date:
hxxp://geqe.net/opera_mini/1965/opera_mini.auto#phpsessid=85cfe7f19a08b6387d0441a9d949bb95 |
When the user clicks on the Refresh button, the file browser_update.jar gets downloaded (and possibly installed, I don't have the right device to test). This malicious Java application is currently flagged by 8 of 43 AV engines as an SMS sender. This type of malware is very common on mobile devices. They are used for spam or contact surcharged phone numbers.
According to Wikipedia, Opera has a huge market share in Russia and Eastern Europe, with more than 36% of the browser market (only 2.7% world-wide).
With the lack of effective AV and other security tools on smartphones, especially on low-end devices, mobile users must be very careful about downloading and installing applications, especially outside of the official app stores.