Recent work has shown how easily white-box adversarial attacks can be applied to state-of-the-art image classifiers. However, real-life scenarios resemble more the black-box adversarial conditions, lacking transparency and usually imposing natural, hard constraints on the query budget. We propose EvoBA 1 , a black-box adversarial attack based on a surprisingly simple evolutionary search strategy. EvoBA is query-efficient, minimizes L0 adversarial perturbations, and does not require any form of training. EvoBA shows efficiency and efficacy through results that are in line with much more complex state-of-the-art black-box attacks such as AutoZOOM. It is more query-efficient than SimBA, a simple and powerful baseline black-box attack, and has a similar level of complexity. Therefore, we propose it both as a new strong baseline for black-box adversarial attacks and as a fast and general tool for gaining empirical insight into how robust image classifiers are with respect to L0 adversarial perturbations. There exist fast and reliable L2 black-box attacks, such as SimBA, and L∞ blackbox attacks, such as DeepSearch. We propose EvoBA as a query-efficient L0 black-box adversarial attack which, together with the aforementioned methods, can serve as a generic tool to assess the empirical robustness of image classifiers. The main advantages of such methods are that they run fast, are query-efficient, and can easily be integrated in image classifiers development pipelines. While our attack minimises the L0 adversarial perturbation, we also report L2, and notice that we compare favorably to the state-of-the-art L2 black-box attack, AutoZOOM, and of the L2 strong baseline, SimBA.