A British man has appeared in court accused of masterminding a wave of cyber attacks against two of the UK’s largest banks.

Daniel Kaye, 29, was extradited from Germany after he allegedly orchestrated the “botnet” assaults that targeted Lloyds Banking Group and Barclays in January.

The three-day onslaught directed at Lloyds prevented some Lloyds, Halifax and Bank of Scotland customers using their online accounts after the banks refused to pay a ransom.

Kaye is said to have developed malicious software enabling him to take controls of computers all over the world, creating his own botnet.

He was alleged to have launched distributed denial of service (DDoS) assaults – where multiple infected computers bombard a system in an attempt to overwhelm its security and gain access to information.

It is estimated it cost Lloyds £190,000 to get internet services back online, while it costs Barclays around £146,000 to get their systems fully up and running again.

In one email to a potential client, he allegedly boasted he had between 555,000 and 1.5 million computers in his botnet.

He allegedly said in the message he had created the network of malicious computers specifically to carry out cyber attacks.

During a hearing at Westminster Magistrates’ Court, Kaye stood accused of nine charges under the Computer Misuse Act, two of blackmail and one of possession of criminal property.

Kaye, formerly of Egham, Surrey, but with dual British and Israeli citizenship, was extradited back to Britain on Wednesday under a European Arrest Warrant following an investigation involving the NCA’s German counterpart the Bundeskriminalamt (BKA).

Listing his case for a plea and case management hearing on September 28 at Blackfriars Crown Court, District Judge Tan Ikram remanded him in custody until that date.

Authorities allege Kaye used a botnet, called Mirai #14, against the banks.

One of the charges also relates to an allegation he “endangered human welfare” by carrying out a cyber attack against Lonestar MTN, the largest internet provider in Liberia, west Africa.

A Lloyds spokeswoman said the January attack was “successfully defended” but resulted in “intermittent and temporary service issues” for some customers.

She added: “There was no attempt to access the bank’s systems and no customer details or accounts were compromised.”