Blacklists is what the user understands
"Simple signature based detection" was *never* good enough for reliable protection against malware, because even a trivial change (i.e., the creation of a new variant) could bypass it.
Unfortunately, it is the only kind of protection that the average user can understand, maintain and use. A scanner tells the user "no, you don't have a virus" or "yes, you have a virus, do you want me to remove it?". As opposed to that, a heuristic analyzer says "This file could contain a virus". Well, does it, or does it not? A firewall says "svchost.exe tries to communicate over port 1900". What the heck does that mean? An integrity checker says "File foo.exe has been modified". Did a virus do that - or was it the Windows Update? A behavior blocker says "msvc.exe tries to write to Bar.exe". Is that a virus or a compiler? And so on.
The proper way to protect against malware is to implement defense in depth - by using a combination of all available techniques. Unfortunately, the average user can never do that. Whitelisting is not a panacea. Nothing is. Some techniques like that are applicable in a very small set of restricted environments, with competent security administrators and where security is more important than convenience. The rest of the world will happily keep using scanners.
Nothing has changed in this aspect for the past two decades. Two decades from now, it will be the same - people will keep using scanners, scanners will fail to protect them adequately, and some "experts" will keep pushing their pet alternative panaceas which almost nobody will use.