Owing to recent changes in the Ryuk ransomware's encryption procedure, a bug in the decryptor is likely to result in data loss in large files.

Ryuk is a ransomware infection that targets governments or private companies by gaining access to their networks and then encrypting a large number of computers.

The hackers then demand large ransoms, occasionally in the millions, in exchange for a decryptor for the victims' files.

According to antivirus and security company Emsisoft, Ryuk was recently changed so that it does not encrypt the whole file if it is larger than 57,000,000 bytes or 54.4 megabytes. This is done to keep the encryption process from taking too long, which could let victims more readily spot that the ransomware was running.

Smaller files that are completely encrypted, however, will not contain a block count in the footer.

Emsisoft said that a bug in the Ryuk decryptor is causing the size of the footer in large files to not be properly calculated due to the variable nature of the block count.

While in many files the last byte contains no data and is typically used as padding, some data files such as databases and virtual disk images do use the last byte. These types of files will then not load correctly after being decrypted.

Since the decryptor believes it is decrypting these large files properly, even when it isn't, it will also delete the encrypted version, making it harder to recover these files after running the decryptor.

All Ryuk victims should be certain to back up all of their encrypted data before running any decryption, irrespective of where they received the decryptor.

This will protect your data in the event that a decryptor corrupts it.
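
One way to make that backup, as an added example that is not from Emsisoft or the original article: it copies a directory of encrypted files, verifies each copy by SHA-256, and flags files above the 57,000,000-byte threshold. The function names, manifest fields and sample files are assumptions constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Size above which, per the article, Ryuk encrypts only part of a file.
PARTIAL_ENCRYPTION_THRESHOLD = 57_000_000  # bytes


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files are never held in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def backup_encrypted_tree(source_dir, backup_dir, threshold=PARTIAL_ENCRYPTION_THRESHOLD):
    """Copy every file to backup_dir, verify each copy, return a manifest.

    Files above the threshold are flagged as the ones the decryptor bug can
    damage. Sizes are those of the encrypted files (original plus footer),
    so the flag errs toward over-reporting.
    """
    source_dir, backup_dir = Path(source_dir), Path(backup_dir)
    manifest = []
    for src in sorted(p for p in source_dir.rglob("*") if p.is_file()):
        relative = src.relative_to(source_dir)
        dst = backup_dir / relative
        dst.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dst)
        src_hash = sha256_of(src)
        if sha256_of(dst) != src_hash:
            raise OSError(f"backup of {relative} does not match the source")
        size = src.stat().st_size
        manifest.append({"path": relative.as_posix(), "size": size,
                         "sha256": src_hash, "at_risk": size > threshold})
    return manifest


def demo():
    """Run on constructed sample files, with a tiny threshold for speed."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "encrypted"), Path(tmp, "backup")
        (src / "db").mkdir(parents=True)
        (src / "note.txt").write_bytes(b"a" * 10)          # constructed
        (src / "db" / "disk.img").write_bytes(b"b" * 100)  # constructed
        return backup_encrypted_tree(src, dst, threshold=50)
```

Keep the backup directory outside the source tree and on separate media, and store the manifest with it so the encrypted originals can be checked again after any decryption attempt.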
