It's a marketing issue. People likely to get hit with ransomware are incredibly unlikely to understand what that means. Hell, even main devs have trouble writing contracts, so even if a user knew there was a smart contract, verifying it would be another thing. So it'd get reduced to "guys on Twitter said this one works".
Since you can't store the private key needed to decrypt the files in ethereum, I can't think of how to do this.
All blockchain state is public, since it needs to be calculated by and verified by all nodes, so there's nowhere to stash a private key without revealing it.
