Magento may deprive support of more than 200 thousand sites

The first version of CMS Magento will expire in June 2020, but the vast majority of online storeowners have not yet switched to the current release of the platform. Thus, Magento may deprive support of more than 200 thousand sites.

According to various sources, from almost 200 to 240 thousand web resources are at risk of remaining without important updates from the middle of next year. Note that the manufacturer announced the termination of support for CMS in September 2018.

Despite the warning that Magento’s first version has been removed from support, site owners are in no hurry to update the platform. In February 2019, the HostingTribunal monitoring service published statistics according to which at least 250 thousand hosts were working on Magento at that time. Of these, version 2.x accounted for no more than 11 thousand sites, or about 5% of the total number of web resources.

Read also: Attackers try to use the new Capesand exploit pack with old code

Magento developers’ data is somewhat more optimistic: according to them, at the end of 2018, version 2.x was installed on 30 thousand resources. However, the vendor does not provide statistics on the total number of sites running on Magento at that time.

Now, according to the statistics service BuiltWith, about 210 thousand online stores on this CMS are active. Of these, version 2.2 uses only 12 thousand, and in general different versions of Magento 2 – about 27.5 thousand.

“Magento is, by far, today’s most popular technology for hosting an online store. It launched in 2007 and quickly rose through the ranks due to superior features and customizability options”, — report ZDNet journalists.

Magento 2 platform appeared in 2015. Despite the more advanced features and better security, companies from the very beginning switched to it slowly- they were afraid of downtime in the work of sites.

At the same time, in the absence of support, store sites will become easy prey for attackers.

“Storeowners who fail to do so will face the risk of having sites hacked and infected with code that steals customers’ payment details. This is a pretty plausible scenario on the backdrop of an increase in the number of web skimming (Magecart) attacks”, — reports ZDNet magazine.

Experts regularly observe attacks aimed at resources based on Magento. In particular, the Magecart group carries out campaigns against online stores using CMS. According to security experts, at least 40 thousand sites were affected by the actions of cybercriminals in three years. Attackers inject a skimmer into the code of the pages of an online store, which steals information about the bankcard numbers of customers.