I think it is being overblown.
I'm just trying to look at it practically. There are two reasons to attack an OS. One is to show you can and the other is to make money from people.
I doubt if anyone would get much hacker community creed for attacking XP now.
"Wow, dude, so it's only taken you 13 years to come up with a hack for XP. Make sure you let us know when you've learned to tie your shoelaces."
And criminals want to have the largest possible number of targets.
The exception would be large organisations with a lot of older systems and that's why they are paying for extended support.