Although smart contracts are immutable once they are deployed, the reality is that they need upgrades to fix bugs or add new features. Nowadays, there are a few upgrade methods in Ethereum, some of which can change the contract without changing the contract address that users interact with. This upgrade way increases potential danger and results in users’ distrust, because it may secretly change the function of the contract and cause users financial loss. We examine two of these upgrade methods, i.e., proxy pattern and metamorphic contract. For the proxy pattern, we propose a bytecode-based method for detecting these upgradeable contracts, which achieves a 99.23% F1-score. We use the bytecode-based method to detect the contracts in the first 12 million blocks of Ethereum and find 127,753 upgradeable contracts. For the metamorphic contracts, we employ an Ethereum replay tool to replay the transactions and find the metamorphic contracts according to the SELFDESTRUCT and CREATE2 instructions. We find that 64.3% of the contracts upgraded using this way are malicious MEV bots. Finally, we summarize the reasons for smart contract upgrades and make development recommendations