They do exist, and this Gatekeeper system is what is responsible for preventing malware.
When Zoom was found to have a serious security issue, Apple stepped in and blocked execution of the older versions of Zoom.
This would not be possible if malware just mutated to avoid detection. For this reason they want to attach a verified developer identity to applications, something backed by an individual's physical address or business records. You pay for this verification, and get a certificate to sign your applications.
New this year, they added a notarization service. This fixes some issues with signatures expiring, but is also built where Apple scans the application for malware before signing.
The scanning is new, but the developer id requirements have been in place since 2012.
If you distribute an unsigned app, the user will by default not be able to open it. You can set an exception as easily as selecting 'open' from the context menu and then saying you will allow the app to run.
You can also disable both the malware list and gatekeeper in general.
Note this is all separate from distributing in the Mac App Store, where you may run into additional policies around requirements for sandboxing, branding, use of private functions and frameworks, etc.
On linux, package signing is typically direct trust. You can manually choose to trust a packager who isn't trusted by your distribution, which is trusted by default.
I don't think linux distributions have anything to deal with malware after-the-fact, however.
They probably exist, but in my 12 years using macOS I've never had a virus problem nor heard anyone having one. Most people around me use macOS (coworkers, friends, and family).
I know it's anecdotal, but I doubt there is any objective data out there.
When Zoom was found to have a serious security issue, Apple stepped in and blocked execution of the older versions of Zoom.
This would not be possible if malware just mutated to avoid detection. For this reason they want to attach a verified developer identity to applications, something backed by an individual's physical address or business records. You pay for this verification, and get a certificate to sign your applications.
New this year, they added a notarization service. This fixes some issues with signatures expiring, but is also built where Apple scans the application for malware before signing.
The scanning is new, but the developer id requirements have been in place since 2012.
If you distribute an unsigned app, the user will by default not be able to open it. You can set an exception as easily as selecting 'open' from the context menu and then saying you will allow the app to run.
You can also disable both the malware list and gatekeeper in general.
Note this is all separate from distributing in the Mac App Store, where you may run into additional policies around requirements for sandboxing, branding, use of private functions and frameworks, etc.
On linux, package signing is typically direct trust. You can manually choose to trust a packager who isn't trusted by your distribution, which is trusted by default.
I don't think linux distributions have anything to deal with malware after-the-fact, however.