The way they usually work is they give you some string and you sign it to prove you own the address.
Could a malicious air drop make a transaction sending all your BTC to them, and then you sign it, and then they broadcast it to the network?
Or is signing a message different than signing a transaction?
It has been a while since I have joined an airdrop. From my experience, none of them has asked me to sign anything. Airdrops are supposed to be free and you do not need to send anything to them. Anyone asking you to send first are scams.
thats right, and never drop your private key or secret key to any airdrop project buddy
because i ever heard somebody said that he must drop our private key in airdrop project, for sure you should not join a kind of airdrop project like that