There's ransomware, but if it had the same level of impact you would be hearing about it in the news. Except that you are not. What you are hearing about instead is WannaCrypt on Windows, because that has a more significant impact.
The difference is in the delivery method. Android malware gets distributed by 3rd-party (pirated) app stores and apk downloads, where every victim actually had to do something questionable to get infected. There haven't been many reports of malware attacks on Android from doing innocent things like opening emails.
WannaCrypt on the other hand relied on NSA's ETERNALBLUE and DOUBLEPULSAR exploits so that computers sharing a network could get infected without doing anything.
Aside from that, most people would just reset their phone if they got ransomware since most of the important data on a phone is already backed up to the cloud. So there's less of a payout as well.
Federal agencies almost certainly have zero-days against Android, against the Linux kernel, what have you. What's the argument that Windows is inherently more susceptible to attack? I've heard that the kernel is more sophisticated than Unix-style kernels, so I suppose that perhaps the attack surface is higher -- but I've also never heard anything concrete to that effect.
Yes, they accumulate 0days, that's what they do. The NSA for example defines themselves as a "capabilities based organization", which is synonym for just accumulating ways to breaking into systems, whatever it is... hardware, software, cryptoanalysis... you name it.
But the difference is that if a vulnerability was found in Linux, people would quickly get it fixed then get their machines patched for free.
This narrative was probably true years ago, not in 2017.
Where is the global Android ransomware scandal?
Malware targets Windows because Windows is the low hanging fruit.