Rclone is an open source, multi threaded, command line computer program to manage or migrate content on cloud and other high latency storage.

[10] It provides further management functions analogous to those ordinarily used for files on local disks, but which tolerate some intermittent and unreliable service.

Rclone is commonly used with media servers such as Plex,[11] Emby or Jellyfin[12] to stream content direct from consumer file storage services.

[11] Official Ubuntu, Debian, Fedora, Gentoo, Arch, Brew, Chocolatey, and other package managers include rclone.

[14][9] Concerns about the noise and power costs arising from home computer servers prompted him to embrace cloud storage and he began developing rclone as open source software in 2012 under the name swiftsync.

[18] In March 2020, Nick Craig-Wood resigned from Memset Ltd, a cloud hosting company he founded, to focus on open source software.

In all versions of rclone from 1.49.0 to 1.53.2 the seed value for generated passwords was based on the number of seconds elapsed in the day, and therefore not truly random.

[24] The work was EU funded to promote vendor-neutral application programming interfaces and protocols for synchronisation and sharing of academic data on cloud storage.

Crypt is commonly[11] used to encrypt / decrypt media, for streaming, on consumer storage services such as Google Drive.

In the latter case there is a potential clash with encryption for cloud backends, such as Microsoft OneDrive, having limited path lengths.

Performance choices include number of concurrent transfer threads; chunk size; bandwidth limit profiling, and cache aggression.

[42] Later that year, University of Utah's Center for High Performance Computing examined the impact of rclone options on data transfer rates.

Researchers established the hackers spent about a month exploring the breached networks, using rclone to archive stolen data to cloud storage, before encrypting the target system.

[81][82] The FBI warned January 2021, in Private Industry Notification 20210106–001, of extortion activity using Egregor ransomware and rclone.

[83] Bookseller Barnes & Noble, US retailer Kmart, games developer Ubisoft and the Vancouver metro system have been reported as victims.

[84] An April 2021, cybersecurity investigation into SonicWall VPN zero-day vulnerability SNWLID-2021-0001[85] by FireEye's Mandiant team established attackers UNC2447 used rclone for reconnaissance and exfiltration of victims' files.

[87] A June 2021, Microsoft Security Intelligence Twitter post identified use of rclone in BazaCall cyber attacks.

The call centre team then instructed victims to download a hostile file that installed malware on the target network, ultimately allowing use of rclone for covert extraction of potentially sensitive data.

The post notes illicit use of other legitimate file transfer utilities in exfiltrate and extort schemes but focuses on MEGAsync, MEGAcmd and rclone.

Rclone has a wider range of content management capabilities, and types of backend it can address, but only works at a whole file / object level.