Last year, Europol and its many law enforcement partners took down and seized webstresser.org, one of the most notorious “booter” sites for launching distributed denial-of-service (DDoS) attacks, which was claimed to have launched millions of attacks.

But the coalition of feds isn’t stopping there. Now, Europol wants to go after its thousands of users.

As part of the collective law enforcement effort from the U.K., U.S., and many European partners in Operation Power Off, Europol obtained a list of its 151,000 registered users. With help from British and Dutch police, “actions are currently underway worldwide to track down the user,” said Europol in a statement Monday.

According to the law enforcement body, more than 250 users of the seized DDoS services will “soon face action for the damage they have caused.

“Size does not matter – all levels of users are under the radar of law enforcement, be it a gamer booting out the competition out of a game, or a high-level hacker carrying out DDoS attacks against commercial targets for financial gain,” the statement read.

DDoS attacks have long plagued the internet as a by-product of faster connection speeds and easy-to-exploit vulnerabilities in the protocols that power the internet. While many use booter and stresser sites for legitimate services — such as to test the resilience of a corporate network from DDoS attacks — many have used them to launch large-scale attacks that can knock networks offline.

When those networks’ support apps and services are knocked offline, millions can be affected at any one time.

This latest effort comes as several regional law enforcement agencies are intensifying their efforts against booter sites. Late last month, the FBI seized more than a dozen DDoS-for-hire sites, and Romanian police also took action against the administrators of two smaller but significant DDoS platforms.