No, it's a user problem on both OS's.
Installing random shit from untrustworthy sources is a much more likely source of infection that a zero-day, network-based exploit, etc
Not every OS allows you to simply click on a random installer/eventually (maybe enter a password) and get owned.
IOS on phones doesn't.
Android requires you enable untrusted sources.
It sounds like not including a GUI app by default to click-install random packages (outside the package manager) is the extra step for various Linux distros. That's not a problem, that's a good idea.