Monday, June 28, 2004

IIS Malware is a phishing scam
Netcraft are reporting that malicious code downloaded from compromised IIS servers onto users' machines includes a trojan that records keystrokes in an attempt to steal e-commerce login information. There are potentially serious ramifications for Microsoft as well, since the exploit used to spread the trojan appears to have infected end users with fully patched web browsers. Several accounts suggest some compromised IIS servers were also fully patched.

Lurhq have a full analysis of the trojan here.