USBKill Switch



Created: 20.09.2020

Software that can be used for anti-forensics. By default, the config file is in /etc and is named usbkill.ini. The default behaviour is to shut the system down. It keeps a whitelist of allowed USB devices. It can also prevent malware from getting onto the PC from a USB drive.

Analogues: BusKill (sets a udev rule that is triggered when the USB drive is removed: lock, shutdown or self-destruct) and Silk Guardian (a Linux kernel-mode switch that waits for a change, deletes files on events and shuts the system down).

On a Linux machine, the USB controller detects and sets up the USB devices that are plugged in.
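The whitelist check described above, as an added sketch that is not USBKill's own code: it takes a baseline of attached device IDs, then reports any non-whitelisted insertion or any removal of a baseline device, and it only reports the change rather than acting on it. The `lsusb` lines are constructed samples; the function names and the rule that removal of a baseline device is always reported are assumptions.

```python
import re

# Constructed `lsusb` output (sample data, not captured from a real host).
BASELINE = """\
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 003: ID 046d:c31c Logitech, Inc. Keyboard K120
"""
AFTER_INSERT = BASELINE + "Bus 001 Device 007: ID 0781:5567 SanDisk Corp. Cruzer Blade\n"
AFTER_REMOVE = "Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub\n"

# Captures the vendor:product pair from each lsusb line.
ID_RE = re.compile(r"^Bus \d{3} Device \d{3}: ID ([0-9a-f]{4}:[0-9a-f]{4})\b", re.M)


def usb_ids(lsusb_text):
    """Return {vendor:product -> count} for every device in lsusb output."""
    counts = {}
    for dev_id in ID_RE.findall(lsusb_text):
        counts[dev_id] = counts.get(dev_id, 0) + 1
    return counts


def check(baseline, current, whitelist=frozenset()):
    """Compare the current device set with the baseline taken at start-up.

    Returns a sorted list of (event, id) tuples; an empty list means no change.
    Assumed semantics: whitelisted IDs may be inserted freely, but removal of
    a device that was present in the baseline is always reported.
    """
    events = []
    for dev_id, n in current.items():
        if n > baseline.get(dev_id, 0) and dev_id not in whitelist:
            events.append(("inserted", dev_id))
    for dev_id, n in baseline.items():
        if current.get(dev_id, 0) < n:
            events.append(("removed", dev_id))
    return sorted(events)


if __name__ == "__main__":
    base = usb_ids(BASELINE)
    for label, snapshot in (("insert", AFTER_INSERT), ("remove", AFTER_REMOVE)):
        print(label, check(base, usb_ids(snapshot)))
```
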
