Today, security enthusiasts woke up with a shocking news that TrueCrypt has ended its development and warns users that the tool used for encrypting drive is not safe to use.
Users who try to access the official TrueCrypt website are being redirected to the official sourceforge page of Truecrypt(truecrypt.sourceforge.net/). The page displays the following message:
“WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”
The message continued “The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images. Such integrated support is also available on other platforms .
The page suggests users to migrate any data encrypted by TrueCrypt to encrypted disks supported on their platform. It also has provided steps for migrating to an encrypted BitLocker drive.
Many, including me, are not able to believe our own eyes. It is uncertain whether it is official announcement from the development team or some one has hacked the Truecrypt website.
Matthew Green, who teaches cryptography at Johns Hopkins, researcher involved with the TrueCrypt audit, tweeted that he thinks the news is legitimate.
A new binary (Truecrypt v7.2) has been uploaded to sourceforge page in the last 24 hours. Upon opening this binary, the following error message is being displayed:
The binary is not allowing users to “create new volume”. It only allows you to mount the volumes. Users are advised not to download this latest version, as it may contain malicious code.