Level 36
The Matrix ransomware is usually deployed after cyber-criminals use unsecured RDP endpoints to compromise companies' internal networks.
In other words, Matrix is now in the same category of ransomware strains, such as the more famous SamSam, BitPaymer, and Ryuk --using hacked RDP endpoints to enter companies' networks and infect as many PCs as possible before asking for huge ransom demands.

The difference is that Matrix has not been deployed or infected the same amount of victims as the aforementioned; this being one of the reasons very few know about it, except the small circle of malware analysts.

Throughout the past few years, Sophos says it detected only 96 samples of Matrix ransomware in the wild, the ransomware receiving constant tweaks and upgrades as time went by.