Thank you Thomas for the excellent very informative article.

How many people, even in IT, have you discovered that maintain even a minimum level of "usable" backups, let alone those that have tested their backup software's ability to restore files? With ordinary users I can say I have NEVER met a user who gave more than lip service to making backups. They seem to understand the concept but lose interest as soon as the subject ends. This goes back 30 years in the business.

Every professional I've worked with in IT knows their backups. Every client I've worked with learned their backups, if only a local backup. When I've given talks and pointed out that 'Make A Backup!' is the #1 Rule of Computing, I commonly get the glassy eyes effect. When I point out that if they don't make backups they are not qualified/ready/prepared to use computers, it's common to see defensive glances. And then I point out that, like it or not, we're still in The Dark Age of Computing. They're going to lose critical data if they don't back up. And I glare at them. (O_O) ;-)

I probably lack the proper leadership properties.

This ransomware is causing a lot of trouble to users, and Apple needs to do something about this soon. People's privacy is being invaded here, and if something doesn't happen regarding this, Apple will get a bad name.

What is sad, is that at this moment 19:00 CET, only 3 AV are detecting this malware... see virustotal.
Why not share directly (email) the information among other companies: AV/ISP/REGISTRAR/CDN/DNS-with-filters?

https://www.virustotal.com/...

This information HAS actually been privately shared among a number of different Mac researchers, at many different companies, who work together on stuff like this despite being competitors. Plus there are hashes up on Twitter and in several different blogs, so any security company not involved in such collaboration can obtain the samples from VirusTotal. At this point, anyone not detecting it is simply not that interested in protecting their Mac customers.

That said, though, be aware that VirusTotal detections are not at all representative about what a product will actually detect. For example, the Malwarebytes engine listed on VT is only our Windows engine, and thus will never show a detection for any Mac or Android malware when those engines actually will detect the file. Please avoid judging a company based on VirusTotal numbers.