In a blog post, Emsisoft said this was because those behind Ryuk had made changes in the malware within the last fortnight that resulted in data being corrupted or lost while it was being encrypted on a victim's system.
"In one of the latest versions of Ryuk, changes were made to the way the length of the footer is calculated. As a result, the decryptor provided by the Ryuk authors will truncate files, cutting off one too many bytes in the process of decrypting the file," the company said.
Emsisoft's Brett Callow said that the company had devised a method to decrypt files that had been encrypted by Ryuk.
"Most of our decryption tools exploit a weakness in the ransomware’s encryption to recover files," Callow told iTWire. "This tool doesn’t, as Ryuk’s encryption doesn’t have any weaknesses.
"What we do, in simple terms, is pull the decryption key from the tool the bad actor supplies (after the ransom is paid) and put it into our tool. The bad actor’s tool causes data loss; our tool does not."
Any victims needed to make back-ups of the files that were encrypted by Ryuk in order for this method to work. "If you’ve paid for a decryptor but have yet to use it, either back up your files before running it or get in touch with us instead," Emsisoft advised.
"Our tool will enable you to safely recover your data whereas the tool supplied by the bad actors will not."