Kr00k takes advantage of a period of a time when a device disconnects from a network either when roaming from access point to access point, or when it is forced off in a suspicious manner. After the targeted device then reconnects to the network, it will transmit the previously unsent data (usually around a few kilobytes in size) encrypted with a key consisting of all zeros.
Read full article on HotHardware