diff --git a/packs/osx-attacks.conf b/packs/osx-attacks.conf
index 859f030e..ef558d9a 100644
--- a/packs/osx-attacks.conf
+++ b/packs/osx-attacks.conf
@@ -596,13 +596,6 @@
       "description": "OSX Dummy Malware (https://objective-see.com/blog/blog_0x32.html and https://isc.sans.edu/diary/23816)",
       "value": "Artifacts created by this malware"
     },
-    "Keyboard_Event_Taps": {
-      "query": "SELECT * FROM processes JOIN event_taps ON processes.pid = event_taps.tapping_process where event_taps.enabled = 1;",
-      "interval" : "3600",
-      "version": "3.3.0",
-      "description": "Finds processes that have active keyboard event taps, typically used by RATs and other malicious software for keylogging",
-      "value": "Process with keyboard event taps"
-    },
     "OSX_SearchAwesome": {
       "query" : "SELECT * FROM file \
          WHERE path = '/Applications/spi.app' OR \