With a sticky fingerprint. I’ve built a system like this for managing trolls. You fingerprint the user and associate it with an IP. There are multiple mechanisms that can contribute to the fingerprint (cookie, user agent, supported media codecs, etc. See https://github.com/fingerprintjs/fingerprints for an example implementation).
Then if another user registers with the same fingerprint we link the accounts together.
In our case the whole thing is also requiring human moderator input to actually keep the whole thing going though.
I once helped nuked a user who was a persistent sexual harasser with access to multiple /16 ranges - but their device config (browser and etc.) was unique to users of the service in question, so we just hellbanned that.
(apologies for the level of vague here but I don't believe it's fair to anybody else involved to be less vague - including the user in question, who seemed relatively young and I hope has grown up since)
Then if another user registers with the same fingerprint we link the accounts together.
In our case the whole thing is also requiring human moderator input to actually keep the whole thing going though.