Krebs has put a post about it: http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secur... excerpt: "Doubters soon questioned whether the redirect was a hoax or the result of the TrueCrypt site being hacked. But a cursory review of the site’s historic hosting, WHOIS and DNS records shows no substantive changes recently. What’s more, the last version of TrueCrypt uploaded to the site on May 27 (still available at this link) shows that the key used to sign the executable installer file is the same one that was used to sign the program back in January 2014 (hat tip to @runasand and @pyllyukko). Taken together, these two facts suggest that the message is legitimate, and that TrueCrypt is officially being retired. That was the same conclusion reached by Matthew Green, a cryptographer and research professor at the Johns Hopkins University Information Security Institute and a longtime skeptic of TrueCrypt — which has been developed for the past 10 years by a team of anonymous coders who appear to have worked diligently to keep their identities hidden. “I think the TrueCrypt team did this,” Green said in a phone interview. “They decided to quit and this is their signature way of doing it.”