A major stolen credit card data trafficking case has drawn international attention after a Chilean national was extradited to the United States for allegedly selling tens of thousands of compromised payment card details through online channels. According to the U.S. Department of Justice, Alex Rodrigo Valenzuela Monje, also known as “VAL4K,” was extradited from Chile to the United States on February 25, 2026, and arraigned in federal court in Salt Lake City. The 24-year-old faces charges tied to stolen credit card data trafficking and unlawful transfer of identification information to facilitate criminal activity.
The indictment alleges that between May 2021 and August 2023, Valenzuela Monje operated an illegal online card shop that distributed unauthorized access devices—commonly referred to in cybercrime circles as “dumps”—through Telegram channels.
Telegram Carding Marketplace Allegedly Distributed Over 26,000 Stolen Cards
Court documents claim that the accused managed Telegram channels named MacacoCC Collective and Novato Carding, offering payment card data linked to thousands of U.S. consumers. Investigators allege that under just one credit card brand alone, the operation trafficked information tied to approximately 26,528 cards.
The stolen credit card data trafficking operation reportedly included sensitive data such as account numbers, cardholder names, expiration dates, and CVV codes, details that can enable fraudulent transactions and identity-based financial crimes.
Authorities say the use of Telegram reflects a broader trend in carding cybercrime, where threat actors rely on encrypted messaging platforms to evade detection while running scalable digital marketplaces.
This model has become increasingly common across dark web ecosystems, allowing cybercriminals to reach global buyers without maintaining traditional web infrastructure.
International Cybercrime Extradition Signals Stronger Enforcement Push
The extradition process began after a sealed indictment was issued by a federal grand jury in 2023. The United States formally requested extradition, which was initially approved by the Chilean Supreme Court in April 2025. Following appeals, Valenzuela Monje was arrested in January 2026 before being transferred to U.S. authorities.
The case was investigated by the Federal Bureau of Investigation (FBI) with support from international partners, highlighting the growing coordination behind international cybercrime extradition efforts.
“I want to thank our federal partners for their dedication in investigating individuals in foreign countries who use the internet to commit crimes against our citizens,” said U.S. Attorney Melissa Holyoak of the District of Utah. “Individuals may believe they can hide behind foreign borders, but the United States is committed to investigating and prosecuting these cybercrimes targeting Americans.”
“This extradition sends a clear message to cybercriminals everywhere that geography will not shield you from accountability,” said Special Agent in Charge Robert Bohls of the Salt Lake City FBI. “Even when operating from abroad, those who exploit technology to victimize American companies and citizens will be identified, located, and brought to justice. Our international partnerships, alongside our work with the Utah Department of Public Safety, remain among the FBI’s most powerful tools in targeting and dismantling cyber threats.
Stolen Credit Card Data Trafficking Continues to Scale Through Digital Platforms
The stolen credit card data trafficking case reflects a larger cybersecurity reality: digital financial crime is no longer limited by geography. Messaging platforms, cryptocurrency payments, and automated data distribution tools have significantly lowered the barrier for cybercriminal operations.
While law enforcement actions like this extradition demonstrate progress, the persistence of carding marketplaces suggests that enforcement alone may not be enough. Financial institutions, technology platforms, and consumers must all play a role in reducing the value of stolen data through stronger fraud detection and identity verification controls.
Valenzuela Monje has pleaded not guilty, and the case will proceed through the U.S. judicial system. As investigations continue, the incident serves as a reminder that stolen credit card data trafficking remains one of the most active—and profitable—forms of cybercrime in today’s digital economy.
