[bahorn]

Far from the most qualified to answer this but it's probably a mixture of market demand, the targets, mindshare and QA.

Higher value targets tend to use iOS more often so their adversaries have more interest in attacking it, and the targets are people who are more likely to come forward if they suspect being attacked. And given we've heard more of iOS attacks, people likely to be targeted are more on the look out for them, as a bit of a self fulfilling prophecy.

Android is considered a bit of a harder target for these types of exploits (playstore malware doesn't count here), though at this level it's not the most meaningful distinction. Fragmentation does make it harder to use these sorts of things in the android world, as it's a bit harder to do QA against all the possible target devices and probably requires knowing exact model numbers to confirm support before being able to launch an attack. The exploits do definitely exist however, at least for flagship phones.

Another thing to consider is that maybe people have better payloads on android, as you can't quite get away with running "Payload2" on the device from a temp directory when process viewers are available. I'm somewhat unsure that'd actually be a meaningful reason for lack of discovery though, especially when the discovery is mostly done by journalists forwarding suspicious links to citizenlab.