App store monopolies have not meaningfully hindered this.
To your first example: Most malware infections on PCs today are distributed by the Chrome Web Store. (Preventing malicious extensions was Google's excuse for blocking third party install... but since they don't even attempt to control malware they distribute first party, it's hilarious.) If they tell you they have a virus, open their Chrome extensions tab, remove everything, and you're good.
If anything, centralized app stores magnify the problem: By making every single app submitted look like it's coming from a reputable source. If app stores did any realistic good job at policing malware, instead of focusing on policing their revenue tax, they might be a benefit.
But again, malicious apps can have millions of installs and nobody does anything about it. Epic decides to charge 18% less and circumvent Google and Apple's taxation, and they act in less than 12 hours.
App stores do hinder this when they are resonably well moderated. Google makes almost no effort to do this. The extension markets for Firefox and Safari are comparatively malware-free next to the Chrome extension store.
Indeed, the problem is scale. Companies like Google and Apple end up employing cheap, low quality labor to review apps and extensions instead of high quality technical personnel.
Bear in mind, if Google and Apple had to compete in this aspect, it's possible users would actually choose and prefer a third party store with better curation. So they'd have an incentive to improve their review processes.
Apple's own store proves this incorrect. Apple's App Store has VERY few instance's of Malware (at least in the sense of exploiting security issues). The App Store does have an ongoing issue with dark patterns and subscription fraud, no doubt but in general Apple's App Store is the by far the best and safest App Store for consumer. I'm an app developer and the App Store has more than it's share of issues like discovery and subscription fraud but ALL of those issues are worse on other more "open" platforms.
There are a lot of non-technical requirements for the Apple App Store, for instance on what an application can do with bluetooth, local networking, contacts, photos, and location data - even after the user gives access approval for them.
Another great example is the target of the Apple/Facebook spat currently - Apple has not just said that the developer needs to go through the OS-dialog approval to use the IDFA (identifier for advertising) to track users, but to do _any_ cross-organizational tracking, including using mechanisms that Apple does not have technical protections for.
Apple developer accounts involve real-world identity verification, so that (hopefully) abuse results in an actual ban of the company and people rather than just of a throwaway account.
To your first example: Most malware infections on PCs today are distributed by the Chrome Web Store. (Preventing malicious extensions was Google's excuse for blocking third party install... but since they don't even attempt to control malware they distribute first party, it's hilarious.) If they tell you they have a virus, open their Chrome extensions tab, remove everything, and you're good.
If anything, centralized app stores magnify the problem: By making every single app submitted look like it's coming from a reputable source. If app stores did any realistic good job at policing malware, instead of focusing on policing their revenue tax, they might be a benefit.
But again, malicious apps can have millions of installs and nobody does anything about it. Epic decides to charge 18% less and circumvent Google and Apple's taxation, and they act in less than 12 hours.