Yes, these are known as conditional redirects. The malicious redirect will only happen when certain conditions are met based on different attributes of the connecting machine. Most of these conditions are based on the referrer, user agent, cookie or operating system. In your case, the user agent field is most likely being used to identify mobile devices.
If you are using Apache, a lot of the attackers will modify the htaccess file to set up these re-directs. Sometimes, the redirect with all the conditional logic will be injected on a homepage of a website. With these injections, the code is usually heavily obfuscated to avoid detection.
Here's a good article by Sucuri of a recent campaign using conditionals redirects.
https://blog.sucuri.net/2015/09/wordpress-malware-active-visitortracker-campaign.html