If it was so rare, then there would have been no need for the plethora of software made to get rid of malware like CCleaner and malwarebytes and ninite.com and so many others.
Not that any of those save you from malware, necessarily. Nor the App Store - NSO has proven that you don't even need to install anything to get your iOS devices compromised. At some point, we have to acknowledge that all cell phones rely on their user to not mess things up. Even on iOS you can respond to the Nigerian Prince on iMessage with an Apple Pay of $300 (to be repaid as $1,000,000 in the Kingsland, of course).
If people want to use only Apple-sanctioned apps, that should be an option. It should not be the impetus for keeping features off the iPhone though.
If people want to use only Apple-sanctioned apps, that should be an option. It should not be the impetus for keeping features off the iPhone though.