Both platforms are probably not equally easy to exploit
Consider that the vast majority of Android "malware" consists of games or toy apps that request every permission under the sun and the user has to agree to let that app have those permissions at install time. Now, consider that apps also request permissions on iOS but, rather than listing all the permissions they'll want at install time, they request them the first time they try to use them. It's a user decision in both cases.
both platforms probably do not provide equal returns
All you're likely to get from a phone, in any case, is a contact list, schedule (calendar), and some photos; you can grant full access to all of that on either platform. You can also send mail or text messages from an app on either platform, if the user grants those permissions. Android does allow full filesystem access (again, if granted by the user), but iOS also allows access to stored documents (including iCloud, so not just what's on your phone, which could potentially be worse). Neither platform allows system files, configuration, or application files to be overwritten unless rooted or jailbroken; and Android not only needs to be rooted, but also specifically configured to allow those behaviors and the app granted root access (which is not the default). I'm not positive about iOS but I don't recall seeing any way to manage root privs when I had my jailbroken 3Gs, which would make jailbroken iOS much more vulnerable than rooted Android.
(Obligatory apple users easier to deceive yet wealthier comment here)
I don't know about wealthier; as an Android user with a job, I've bought my unemployed wife her last 3 iPhones. As for easier to deceive, well, I wasn't gonna go there but... One of the two platforms is marketed to people who just don't want to have to give a shit about security. That's not an inherent flaw in the platform so much as it is a flaw in the marketing, though, and it's only the user's fault insofar as they tend to place entirely too much trust in a corporation that places profit over people. Google is no better in the latter regard, but at least they don't do the former; Android users (generally) have no illusions that their devices are any more or less secure than any other computing device.
Android and iOS are both fine platforms. Neither is perfect, neither is as secure as we'd like, but they're the best we've got at this point. I do feel that iOS is somewhat hamstrung by Apple's policies (NFC finally comes to iPhone, but only for Apple Pay? Proprietary connector that brings nothing to the table but the ability to plug in both ways and a new licensing revenue stream for Apple? No, thank you). As a result, will never own another iPhone; I've been using NFC for more than just payments for a few years by now, and think it's great that almost every rechargeable device I buy now uses the same micro-USB cable. Even iOS accessories. It's great, it really is, if I ever find myself needing a charge while I'm out and about; everyone has the cables, everywhere, and they're so cheap and plentiful that people don't mind lending them; that doesn't seem to be the case when my wife's iPhone runs out of juice. Mind you, I love my iPad, but it also doesn't leave the house all that often, so charging is rarely an issue, and none of the other restrictions that bother me when talking about the iPhone (an always-on-me device) seem to apply, either.
New York... when civilization falls apart, remember, we were way ahead of you. - David Letterman